From 9ffadb64220f7eae6d993d987b73049544583224 Mon Sep 17 00:00:00 2001 From: erik Date: Wed, 16 Aug 2023 14:31:46 +0200 Subject: [PATCH 01/60] Add ingress and postgres conf --- .../resources/taiga/ingress/certificate.yaml | 18 +++++++ .../resources/taiga/ingress/host-rule.yaml | 10 ++++ src/main/resources/taiga/ingress/ingress.yaml | 27 ++++++++++ .../resources/taiga/postgres/config-8gb.yaml | 12 +++++ .../resources/taiga/postgres/deployment.yaml | 51 +++++++++++++++++++ .../taiga/postgres/persistent-volume.yaml | 14 +++++ src/main/resources/taiga/postgres/pvc.yaml | 13 +++++ src/main/resources/taiga/postgres/secret.yaml | 8 +++ .../resources/taiga/postgres/service.yaml | 9 ++++ 9 files changed, 162 insertions(+) create mode 100644 src/main/resources/taiga/ingress/certificate.yaml create mode 100644 src/main/resources/taiga/ingress/host-rule.yaml create mode 100644 src/main/resources/taiga/ingress/ingress.yaml create mode 100644 src/main/resources/taiga/postgres/config-8gb.yaml create mode 100644 src/main/resources/taiga/postgres/deployment.yaml create mode 100644 src/main/resources/taiga/postgres/persistent-volume.yaml create mode 100644 src/main/resources/taiga/postgres/pvc.yaml create mode 100644 src/main/resources/taiga/postgres/secret.yaml create mode 100644 src/main/resources/taiga/postgres/service.yaml diff --git a/src/main/resources/taiga/ingress/certificate.yaml b/src/main/resources/taiga/ingress/certificate.yaml new file mode 100644 index 0000000..6cb4008 --- /dev/null +++ b/src/main/resources/taiga/ingress/certificate.yaml @@ -0,0 +1,18 @@ +apiVersion: cert-manager.io/v1 +kind: Certificate +metadata: + name: c4k-common-cert + labels: + app.kubernetes.part-of: c4k-common-app + namespace: default +spec: + secretName: c4k-common-cert + commonName: FQDN + duration: 2160h # 90d + renewBefore: 720h # 30d + dnsNames: + - FQDN + issuerRef: + name: staging + kind: ClusterIssuer + \ No newline at end of file diff --git a/src/main/resources/taiga/ingress/host-rule.yaml b/src/main/resources/taiga/ingress/host-rule.yaml new file mode 100644 index 0000000..73d0e9f --- /dev/null +++ b/src/main/resources/taiga/ingress/host-rule.yaml @@ -0,0 +1,10 @@ +host: FQDN +http: + paths: + - pathType: Prefix + path: "/" + backend: + service: + name: SERVICE_NAME + port: + number: SERVICE_PORT diff --git a/src/main/resources/taiga/ingress/ingress.yaml b/src/main/resources/taiga/ingress/ingress.yaml new file mode 100644 index 0000000..c958fca --- /dev/null +++ b/src/main/resources/taiga/ingress/ingress.yaml @@ -0,0 +1,27 @@ +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + name: c4k-common-https-ingress + namespace: default + labels: + app.kubernetes.part-of: c4k-common-app + annotations: + traefik.ingress.kubernetes.io/router.entrypoints: web, websecure + traefik.ingress.kubernetes.io/router.middlewares: default-redirect-https@kubernetescrd + metallb.universe.tf/address-pool: public +spec: + tls: + - hosts: + - FQDN + secretName: c4k-common-cert + rules: + - host: FQDN + http: + paths: + - pathType: Prefix + path: "/" + backend: + service: + name: SERVICE_NAME + port: + number: 80 diff --git a/src/main/resources/taiga/postgres/config-8gb.yaml b/src/main/resources/taiga/postgres/config-8gb.yaml new file mode 100644 index 0000000..07e3c06 --- /dev/null +++ b/src/main/resources/taiga/postgres/config-8gb.yaml @@ -0,0 +1,12 @@ +apiVersion: v1 +kind: ConfigMap +metadata: + name: postgres-config + labels: + app: postgres +data: + postgres-db: postgres + postgresql.conf: | + max_connections = 700 + work_mem = 3MB + shared_buffers = 2048MB diff --git a/src/main/resources/taiga/postgres/deployment.yaml b/src/main/resources/taiga/postgres/deployment.yaml new file mode 100644 index 0000000..5b4bb4d --- /dev/null +++ b/src/main/resources/taiga/postgres/deployment.yaml @@ -0,0 +1,51 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: postgresql +spec: + selector: + matchLabels: + app: postgresql + strategy: + type: Recreate + template: + metadata: + labels: + app: postgresql + spec: + containers: + - image: postgres + name: postgresql + env: + - name: POSTGRES_USER + valueFrom: + secretKeyRef: + name: postgres-secret + key: postgres-user + - name: POSTGRES_PASSWORD + valueFrom: + secretKeyRef: + name: postgres-secret + key: postgres-password + - name: POSTGRES_DB + valueFrom: + configMapKeyRef: + name: postgres-config + key: postgres-db + ports: + - containerPort: 5432 + name: postgresql + volumeMounts: + - name: postgres-config-volume + mountPath: /etc/postgresql/postgresql.conf + subPath: postgresql.conf + readOnly: true + - name: postgre-data-volume + mountPath: /var/lib/postgresql/data + volumes: + - name: postgres-config-volume + configMap: + name: postgres-config + - name: postgre-data-volume + persistentVolumeClaim: + claimName: postgres-claim diff --git a/src/main/resources/taiga/postgres/persistent-volume.yaml b/src/main/resources/taiga/postgres/persistent-volume.yaml new file mode 100644 index 0000000..acc9b9d --- /dev/null +++ b/src/main/resources/taiga/postgres/persistent-volume.yaml @@ -0,0 +1,14 @@ +kind: PersistentVolume +apiVersion: v1 +metadata: + name: postgres-pv-volume + labels: + type: local +spec: + storageClassName: manual + accessModes: + - ReadWriteOnce + capacity: + storage: 10Gi + hostPath: + path: "/var/postgres" \ No newline at end of file diff --git a/src/main/resources/taiga/postgres/pvc.yaml b/src/main/resources/taiga/postgres/pvc.yaml new file mode 100644 index 0000000..7d94bd1 --- /dev/null +++ b/src/main/resources/taiga/postgres/pvc.yaml @@ -0,0 +1,13 @@ +apiVersion: v1 +kind: PersistentVolumeClaim +metadata: + name: postgres-claim + labels: + app: postgres +spec: + storageClassName: REPLACEME + accessModes: + - ReadWriteOnce + resources: + requests: + storage: REPLACEME \ No newline at end of file diff --git a/src/main/resources/taiga/postgres/secret.yaml b/src/main/resources/taiga/postgres/secret.yaml new file mode 100644 index 0000000..ebf2b69 --- /dev/null +++ b/src/main/resources/taiga/postgres/secret.yaml @@ -0,0 +1,8 @@ +apiVersion: v1 +kind: Secret +metadata: + name: postgres-secret +type: Opaque +data: + postgres-user: "psql-user" + postgres-password: "psql-pw" diff --git a/src/main/resources/taiga/postgres/service.yaml b/src/main/resources/taiga/postgres/service.yaml new file mode 100644 index 0000000..d67fea1 --- /dev/null +++ b/src/main/resources/taiga/postgres/service.yaml @@ -0,0 +1,9 @@ +apiVersion: v1 +kind: Service +metadata: + name: postgresql-service +spec: + selector: + app: postgresql + ports: + - port: 5432 From 152b2ce46ec501128913ddd33d83a16bf7b37233 Mon Sep 17 00:00:00 2001 From: erik Date: Wed, 16 Aug 2023 14:51:23 +0200 Subject: [PATCH 02/60] Add values, flatten folder structure --- .../taiga/{ingress => }/certificate.yaml | 4 ++-- .../taiga/{postgres => }/config-8gb.yaml | 0 .../taiga/{postgres => }/deployment.yaml | 0 .../taiga/{ingress => }/ingress.yaml | 6 +++--- .../resources/taiga/ingress/host-rule.yaml | 10 ---------- .../{postgres => }/persistent-volume.yaml | 0 .../resources/taiga/{postgres => }/pvc.yaml | 4 ++-- .../taiga/{postgres => }/secret.yaml | 0 .../taiga/{postgres => }/service.yaml | 0 src/main/resources/taiga/taiga-configmap.yaml | 20 +++++++++---------- src/main/resources/taiga/taiga-data-pvcs.yaml | 4 ++-- .../taiga/taiga-events-deployment.yaml | 10 +++++----- .../taiga-events-rabbitmq-deployment.yaml | 4 ++-- .../taiga/taiga-front-deployment.yaml | 6 +++--- .../taiga/taiga-protected-deployment.yaml | 2 +- .../resources/taiga/taiga-rabbitmq-pvc.yaml | 4 ++-- .../taiga/taiga-rabbitmq-secret.yaml | 4 ++-- src/main/resources/taiga/taiga-secret.yaml | 14 ++++++------- 18 files changed, 41 insertions(+), 51 deletions(-) rename src/main/resources/taiga/{ingress => }/certificate.yaml (83%) rename src/main/resources/taiga/{postgres => }/config-8gb.yaml (100%) rename src/main/resources/taiga/{postgres => }/deployment.yaml (100%) rename src/main/resources/taiga/{ingress => }/ingress.yaml (85%) delete mode 100644 src/main/resources/taiga/ingress/host-rule.yaml rename src/main/resources/taiga/{postgres => }/persistent-volume.yaml (100%) rename src/main/resources/taiga/{postgres => }/pvc.yaml (76%) rename src/main/resources/taiga/{postgres => }/secret.yaml (100%) rename src/main/resources/taiga/{postgres => }/service.yaml (100%) diff --git a/src/main/resources/taiga/ingress/certificate.yaml b/src/main/resources/taiga/certificate.yaml similarity index 83% rename from src/main/resources/taiga/ingress/certificate.yaml rename to src/main/resources/taiga/certificate.yaml index 6cb4008..3fc00e3 100644 --- a/src/main/resources/taiga/ingress/certificate.yaml +++ b/src/main/resources/taiga/certificate.yaml @@ -7,11 +7,11 @@ metadata: namespace: default spec: secretName: c4k-common-cert - commonName: FQDN + commonName: jitsi.test.meissa.de duration: 2160h # 90d renewBefore: 720h # 30d dnsNames: - - FQDN + - jitsi.test.meissa.de issuerRef: name: staging kind: ClusterIssuer diff --git a/src/main/resources/taiga/postgres/config-8gb.yaml b/src/main/resources/taiga/config-8gb.yaml similarity index 100% rename from src/main/resources/taiga/postgres/config-8gb.yaml rename to src/main/resources/taiga/config-8gb.yaml diff --git a/src/main/resources/taiga/postgres/deployment.yaml b/src/main/resources/taiga/deployment.yaml similarity index 100% rename from src/main/resources/taiga/postgres/deployment.yaml rename to src/main/resources/taiga/deployment.yaml diff --git a/src/main/resources/taiga/ingress/ingress.yaml b/src/main/resources/taiga/ingress.yaml similarity index 85% rename from src/main/resources/taiga/ingress/ingress.yaml rename to src/main/resources/taiga/ingress.yaml index c958fca..0133b07 100644 --- a/src/main/resources/taiga/ingress/ingress.yaml +++ b/src/main/resources/taiga/ingress.yaml @@ -12,16 +12,16 @@ metadata: spec: tls: - hosts: - - FQDN + - jitsi.test.meissa.de secretName: c4k-common-cert rules: - - host: FQDN + - host: jitsi.test.meissa.de http: paths: - pathType: Prefix path: "/" backend: service: - name: SERVICE_NAME + name: taiga-gateway-service port: number: 80 diff --git a/src/main/resources/taiga/ingress/host-rule.yaml b/src/main/resources/taiga/ingress/host-rule.yaml deleted file mode 100644 index 73d0e9f..0000000 --- a/src/main/resources/taiga/ingress/host-rule.yaml +++ /dev/null @@ -1,10 +0,0 @@ -host: FQDN -http: - paths: - - pathType: Prefix - path: "/" - backend: - service: - name: SERVICE_NAME - port: - number: SERVICE_PORT diff --git a/src/main/resources/taiga/postgres/persistent-volume.yaml b/src/main/resources/taiga/persistent-volume.yaml similarity index 100% rename from src/main/resources/taiga/postgres/persistent-volume.yaml rename to src/main/resources/taiga/persistent-volume.yaml diff --git a/src/main/resources/taiga/postgres/pvc.yaml b/src/main/resources/taiga/pvc.yaml similarity index 76% rename from src/main/resources/taiga/postgres/pvc.yaml rename to src/main/resources/taiga/pvc.yaml index 7d94bd1..785d8f9 100644 --- a/src/main/resources/taiga/postgres/pvc.yaml +++ b/src/main/resources/taiga/pvc.yaml @@ -5,9 +5,9 @@ metadata: labels: app: postgres spec: - storageClassName: REPLACEME + storageClassName: postgres accessModes: - ReadWriteOnce resources: requests: - storage: REPLACEME \ No newline at end of file + storage: postgres \ No newline at end of file diff --git a/src/main/resources/taiga/postgres/secret.yaml b/src/main/resources/taiga/secret.yaml similarity index 100% rename from src/main/resources/taiga/postgres/secret.yaml rename to src/main/resources/taiga/secret.yaml diff --git a/src/main/resources/taiga/postgres/service.yaml b/src/main/resources/taiga/service.yaml similarity index 100% rename from src/main/resources/taiga/postgres/service.yaml rename to src/main/resources/taiga/service.yaml diff --git a/src/main/resources/taiga/taiga-configmap.yaml b/src/main/resources/taiga/taiga-configmap.yaml index 696cbff..8f97784 100644 --- a/src/main/resources/taiga/taiga-configmap.yaml +++ b/src/main/resources/taiga/taiga-configmap.yaml @@ -8,20 +8,20 @@ data: # Database settings handled in deployment # Taiga settings - TAIGA_SITES_SCHEME: TAIGA_SCHEME - TAIGA_SITES_DOMAIN: TAIGA_DOMAIN - TAIGA_SUBPATH: SUBPATH + TAIGA_SITES_SCHEME: https + TAIGA_SITES_DOMAIN: jitsi.test.meissa.de + TAIGA_SUBPATH: "" # Email settings. - EMAIL_BACKEND: EMAIL_BACKEND # django.core.mail.backends.${EMAIL_BACKEND}.EmailBackend # ToDo move to code base - DEFAULT_FROM_EMAIL: DEFAULT_FROM_EMAIL_VALUE - EMAIL_USE_TLS: EMAIL_USE_TLS_VALUE - EMAIL_USE_SSL: EMAIL_USE_SSL_VALUE - EMAIL_HOST: EMAIL_HOST_VALUE - EMAIL_PORT: EMAIL_PORT_VALUE + EMAIL_BACKEND: console # django.core.mail.backends.${EMAIL_BACKEND}.EmailBackend # ToDo move to code base + DEFAULT_FROM_EMAIL: meissa@meissa.de + EMAIL_USE_TLS: false + EMAIL_USE_SSL: false + EMAIL_HOST: smpt.meissa.de + EMAIL_PORT: 39 # Telemetry settings - ENABLE_TELEMETRY: ENABLE_TELEMETRY_VALUE + ENABLE_TELEMETRY: false # ...your customizations go here # Taiga Events Settings diff --git a/src/main/resources/taiga/taiga-data-pvcs.yaml b/src/main/resources/taiga/taiga-data-pvcs.yaml index c9adf34..cd51a7d 100644 --- a/src/main/resources/taiga/taiga-data-pvcs.yaml +++ b/src/main/resources/taiga/taiga-data-pvcs.yaml @@ -12,7 +12,7 @@ spec: - ReadWriteOnce resources: requests: - storage: TAIGA_MEDIA_DATA_STORAGE_SIZE + storage: 1Gi --- apiVersion: v1 kind: PersistentVolumeClaim @@ -28,4 +28,4 @@ spec: - ReadWriteOnce resources: requests: - storage: TAIGA_STATIC_DATA_STORAGE_SIZE + storage: 1Gi diff --git a/src/main/resources/taiga/taiga-events-deployment.yaml b/src/main/resources/taiga/taiga-events-deployment.yaml index 08f15a0..652d173 100644 --- a/src/main/resources/taiga/taiga-events-deployment.yaml +++ b/src/main/resources/taiga/taiga-events-deployment.yaml @@ -23,11 +23,11 @@ spec: - name: http containerPort: 8888 env: - - name: EVENTS_PUSH_BACKEND_URL # ToDo: check if we really need to set these URLs - valueFrom: - configMapKeyRef: - name: taiga-configmap - key: EVENTS_PUSH_BACKEND_URL + #- name: EVENTS_PUSH_BACKEND_URL # ToDo: check if we really need to set these URLs + # valueFrom: + # configMapKeyRef: + # name: taiga-configmap + # key: EVENTS_PUSH_BACKEND_URL - name: RABBITMQ_USER valueFrom: secretKeyRef: diff --git a/src/main/resources/taiga/taiga-events-rabbitmq-deployment.yaml b/src/main/resources/taiga/taiga-events-rabbitmq-deployment.yaml index e142073..01c640d 100644 --- a/src/main/resources/taiga/taiga-events-rabbitmq-deployment.yaml +++ b/src/main/resources/taiga/taiga-events-rabbitmq-deployment.yaml @@ -28,9 +28,9 @@ spec: readOnly: false env: - name: RABBITMQ_ERLANG_COOKIE - value: ERLANG_COOKIE_VALUE + value: erlang-cookie-name - name: RABBITMQ_DEFAULT_VHOST - value: RABBITMQ_VHOST + value: taiga - name: RABBITMQ_USER valueFrom: secretKeyRef: diff --git a/src/main/resources/taiga/taiga-front-deployment.yaml b/src/main/resources/taiga/taiga-front-deployment.yaml index 738df74..9dbb527 100644 --- a/src/main/resources/taiga/taiga-front-deployment.yaml +++ b/src/main/resources/taiga/taiga-front-deployment.yaml @@ -24,8 +24,8 @@ spec: containerPort: 80 env: - name: TAIGA_URL - value: TAGA_SCHEME://TAIGA_DOMAIN + value: https://jitsi.test.meissa.de - name: TAIGA_WEBSOCKETS_URL - value: WEBSOCKETS_SCHEME://TAIGA_DOMAIN + value: https://jitsi.test.meissa.de - name: TAIGA_SUBPATH - value: SUBPATH + value: "" diff --git a/src/main/resources/taiga/taiga-protected-deployment.yaml b/src/main/resources/taiga/taiga-protected-deployment.yaml index 3f78384..e660671 100644 --- a/src/main/resources/taiga/taiga-protected-deployment.yaml +++ b/src/main/resources/taiga/taiga-protected-deployment.yaml @@ -24,7 +24,7 @@ spec: containerPort: 8003 env: - name: MAX_AGE - value: ATTACHMENTS_MAX_AGE + value: 5 - name: SECRET_KEY valueFrom: secretKeyRef: diff --git a/src/main/resources/taiga/taiga-rabbitmq-pvc.yaml b/src/main/resources/taiga/taiga-rabbitmq-pvc.yaml index 58f2b3e..3f56a91 100644 --- a/src/main/resources/taiga/taiga-rabbitmq-pvc.yaml +++ b/src/main/resources/taiga/taiga-rabbitmq-pvc.yaml @@ -12,7 +12,7 @@ spec: - ReadWriteOnce resources: requests: - storage: TAIGA_RABBITMQ_DATA_STORAGE_SIZE + storage: 1Gi --- apiVersion: v1 kind: PersistentVolumeClaim @@ -28,4 +28,4 @@ spec: - ReadWriteOnce resources: requests: - storage: TAIGA_RABBITMQ_DATA_STORAGE_SIZE + storage: 1Gi diff --git a/src/main/resources/taiga/taiga-rabbitmq-secret.yaml b/src/main/resources/taiga/taiga-rabbitmq-secret.yaml index 79a6286..2f13a86 100644 --- a/src/main/resources/taiga/taiga-rabbitmq-secret.yaml +++ b/src/main/resources/taiga/taiga-rabbitmq-secret.yaml @@ -6,5 +6,5 @@ metadata: app.kubernetes.part-of: taiga data: # Rabbitmq settings - RABBITMQ_DEFAULT_USER: RABBITMQ_USER_VALUE # ToDo: Evaluate if we need two different users and passes for rabbitmq - RABBITMQ_DEFAULT_PASS: RABBITMQ_PASS_VALUE + RABBITMQ_DEFAULT_USER: rabbit # ToDo: Evaluate if we need two different users and passes for rabbitmq + RABBITMQ_DEFAULT_PASS: rabbit_pass diff --git a/src/main/resources/taiga/taiga-secret.yaml b/src/main/resources/taiga/taiga-secret.yaml index 08fd205..92ff7d3 100644 --- a/src/main/resources/taiga/taiga-secret.yaml +++ b/src/main/resources/taiga/taiga-secret.yaml @@ -7,16 +7,16 @@ metadata: data: # Taiga settings - TAIGA_SECRET_KEY: SECRET_KEY_VALUE + TAIGA_SECRET_KEY: 59dsfgjsdf4jq3ßdfej345 # Email settings - EMAIL_HOST_USER: EMAIL_HOST_USER_VALUE - EMAIL_HOST_PASSWORD: EMAIL_HOST_USER_PASS + EMAIL_HOST_USER: meissa@meissa.de + EMAIL_HOST_PASSWORD: asdfasdf # Rabbitmq settings - RABBITMQ_USER: RABBITMQ_USER_VALUE - RABBITMQ_PASS: RABBITMQ_PASS_VALUE + RABBITMQ_USER: rabbit + RABBITMQ_PASS: rabbit_pass # Django settings - DJANGO_SUPERUSER_TAIGAADMIN: TAIGA_ADMIN - DJANGO_SUPERUSER_PASSWORD: TAIGA_ADMIN_PASS + DJANGO_SUPERUSER_TAIGAADMIN: taiga + DJANGO_SUPERUSER_PASSWORD: taiga_pass From 596a1eca7b0b370fbfd419c83906d3690e99e421 Mon Sep 17 00:00:00 2001 From: erik Date: Wed, 16 Aug 2023 14:54:54 +0200 Subject: [PATCH 03/60] Move files --- src/main/resources/taiga/{ => donotapply}/.env | 0 src/main/resources/taiga/donotapply/changes-made.md | 0 src/main/resources/taiga/{ => donotapply}/conf.json | 0 src/main/resources/taiga/{ => donotapply}/config.py | 0 .../resources/taiga/{ => donotapply}/old-docker-compose-inits.yml | 0 src/main/resources/taiga/{ => donotapply}/old-docker-compose.yml | 0 6 files changed, 0 insertions(+), 0 deletions(-) rename src/main/resources/taiga/{ => donotapply}/.env (100%) create mode 100644 src/main/resources/taiga/donotapply/changes-made.md rename src/main/resources/taiga/{ => donotapply}/conf.json (100%) rename src/main/resources/taiga/{ => donotapply}/config.py (100%) rename src/main/resources/taiga/{ => donotapply}/old-docker-compose-inits.yml (100%) rename src/main/resources/taiga/{ => donotapply}/old-docker-compose.yml (100%) diff --git a/src/main/resources/taiga/.env b/src/main/resources/taiga/donotapply/.env similarity index 100% rename from src/main/resources/taiga/.env rename to src/main/resources/taiga/donotapply/.env diff --git a/src/main/resources/taiga/donotapply/changes-made.md b/src/main/resources/taiga/donotapply/changes-made.md new file mode 100644 index 0000000..e69de29 diff --git a/src/main/resources/taiga/conf.json b/src/main/resources/taiga/donotapply/conf.json similarity index 100% rename from src/main/resources/taiga/conf.json rename to src/main/resources/taiga/donotapply/conf.json diff --git a/src/main/resources/taiga/config.py b/src/main/resources/taiga/donotapply/config.py similarity index 100% rename from src/main/resources/taiga/config.py rename to src/main/resources/taiga/donotapply/config.py diff --git a/src/main/resources/taiga/old-docker-compose-inits.yml b/src/main/resources/taiga/donotapply/old-docker-compose-inits.yml similarity index 100% rename from src/main/resources/taiga/old-docker-compose-inits.yml rename to src/main/resources/taiga/donotapply/old-docker-compose-inits.yml diff --git a/src/main/resources/taiga/old-docker-compose.yml b/src/main/resources/taiga/donotapply/old-docker-compose.yml similarity index 100% rename from src/main/resources/taiga/old-docker-compose.yml rename to src/main/resources/taiga/donotapply/old-docker-compose.yml From f5c352a80ed82c31d6fea2439b0b6a141b3dc8a8 Mon Sep 17 00:00:00 2001 From: erik Date: Fri, 18 Aug 2023 12:57:07 +0200 Subject: [PATCH 04/60] Update configs --- .../resources/taiga/donotapply/changes-made.md | 13 +++++++++++++ src/main/resources/taiga/persistent-volume.yaml | 2 +- src/main/resources/taiga/pvc.yaml | 4 ++-- src/main/resources/taiga/secret.yaml | 4 ++-- .../resources/taiga/taiga-async-deployment.yaml | 6 +++--- .../resources/taiga/taiga-back-deployment.yaml | 16 ++++++++-------- src/main/resources/taiga/taiga-configmap.yaml | 8 ++++---- .../resources/taiga/taiga-gateway-configmap.yaml | 10 +++++----- .../taiga/taiga-gateway-deployment.yaml | 8 ++++---- .../taiga/taiga-protected-deployment.yaml | 2 +- .../resources/taiga/taiga-rabbitmq-secret.yaml | 4 ++-- src/main/resources/taiga/taiga-secret.yaml | 14 +++++++------- 12 files changed, 52 insertions(+), 39 deletions(-) diff --git a/src/main/resources/taiga/donotapply/changes-made.md b/src/main/resources/taiga/donotapply/changes-made.md index e69de29..67efa8b 100644 --- a/src/main/resources/taiga/donotapply/changes-made.md +++ b/src/main/resources/taiga/donotapply/changes-made.md @@ -0,0 +1,13 @@ +Comment EVENTS_PUSH_BACKEND_URL in taiga-events-deployment +Indent name fields in envFrom field in taiga-back-deployment +Remove indentation from name field in taiga-gateway-deployment +Switch name and mountPath field positions in taiga-gateway-deployment +Change postres to 1Gi in pvc.yaml +b64 encoded values in *-secret.yaml +Change integers to strings in env vars in deployments and configmaps +Change bools to strings in env vars in deployments and configmaps +Increase storage to 8Gi in pvc.yaml +Change storageClassName to local-path in pvc.yaml +Correct volume names in async, back, gateway +Use service name as address in taiga-gateway-configmap.yaml +Correct reference to taiga-configmap and taiga-secret in taiga-back-deployment \ No newline at end of file diff --git a/src/main/resources/taiga/persistent-volume.yaml b/src/main/resources/taiga/persistent-volume.yaml index acc9b9d..d811805 100644 --- a/src/main/resources/taiga/persistent-volume.yaml +++ b/src/main/resources/taiga/persistent-volume.yaml @@ -5,7 +5,7 @@ metadata: labels: type: local spec: - storageClassName: manual + storageClassName: local-path accessModes: - ReadWriteOnce capacity: diff --git a/src/main/resources/taiga/pvc.yaml b/src/main/resources/taiga/pvc.yaml index 785d8f9..5f8ab88 100644 --- a/src/main/resources/taiga/pvc.yaml +++ b/src/main/resources/taiga/pvc.yaml @@ -5,9 +5,9 @@ metadata: labels: app: postgres spec: - storageClassName: postgres + storageClassName: local-path accessModes: - ReadWriteOnce resources: requests: - storage: postgres \ No newline at end of file + storage: 8Gi \ No newline at end of file diff --git a/src/main/resources/taiga/secret.yaml b/src/main/resources/taiga/secret.yaml index ebf2b69..8b368c4 100644 --- a/src/main/resources/taiga/secret.yaml +++ b/src/main/resources/taiga/secret.yaml @@ -4,5 +4,5 @@ metadata: name: postgres-secret type: Opaque data: - postgres-user: "psql-user" - postgres-password: "psql-pw" + postgres-user: "cHNxbC11c2Vy" + postgres-password: "ZGZnc2RoNDU2NzdzZGZnc2RmZw==" diff --git a/src/main/resources/taiga/taiga-async-deployment.yaml b/src/main/resources/taiga/taiga-async-deployment.yaml index 781508e..448ca4a 100644 --- a/src/main/resources/taiga/taiga-async-deployment.yaml +++ b/src/main/resources/taiga/taiga-async-deployment.yaml @@ -54,12 +54,12 @@ spec: - name: POSTGRES_HOST value: "postgresql-service" - name: POSTGRES_PORT - value: 5432 + value: "5432" volumes: - name: taiga-static persistentVolumeClaim: - claimName: taiga-static + claimName: taiga-static-data - name: taiga-media persistentVolumeClaim: - claimName: taiga-media + claimName: taiga-media-data diff --git a/src/main/resources/taiga/taiga-back-deployment.yaml b/src/main/resources/taiga/taiga-back-deployment.yaml index e803734..36ff068 100644 --- a/src/main/resources/taiga/taiga-back-deployment.yaml +++ b/src/main/resources/taiga/taiga-back-deployment.yaml @@ -33,11 +33,11 @@ spec: readOnly: false envFrom: - configMapRef: - name: taiga-back-configmap + name: taiga-configmap - secretRef: - name: taiga-back-secret + name: taiga-secret - secretRef: - name: taiga-rabbitmq-secret + name: taiga-rabbitmq-secret env: - name: POSTGRES_USER # ToDo: Does taiga need a specific postgres version? Maybe test this valueFrom: @@ -57,9 +57,9 @@ spec: - name: POSTGRES_HOST value: "postgresql-service" - name: POSTGRES_PORT - value: 5432 + value: "5432" - name: CELERY_ENABLED - value: false + value: "false" containers: - name: taiga-back image: taigaio/taiga-back:latest @@ -100,12 +100,12 @@ spec: - name: POSTGRES_HOST value: "postgresql-service" - name: POSTGRES_PORT - value: 5432 + value: "5432" volumes: # ToDo: Remove Volumes where not necessary - name: taiga-static persistentVolumeClaim: - claimName: taiga-static + claimName: taiga-static-data - name: taiga-media persistentVolumeClaim: - claimName: taiga-media + claimName: taiga-media-data diff --git a/src/main/resources/taiga/taiga-configmap.yaml b/src/main/resources/taiga/taiga-configmap.yaml index 8f97784..2a592e6 100644 --- a/src/main/resources/taiga/taiga-configmap.yaml +++ b/src/main/resources/taiga/taiga-configmap.yaml @@ -15,13 +15,13 @@ data: # Email settings. EMAIL_BACKEND: console # django.core.mail.backends.${EMAIL_BACKEND}.EmailBackend # ToDo move to code base DEFAULT_FROM_EMAIL: meissa@meissa.de - EMAIL_USE_TLS: false - EMAIL_USE_SSL: false + EMAIL_USE_TLS: "false" + EMAIL_USE_SSL: "false" EMAIL_HOST: smpt.meissa.de - EMAIL_PORT: 39 + EMAIL_PORT: "39" # Telemetry settings - ENABLE_TELEMETRY: false + ENABLE_TELEMETRY: "false" # ...your customizations go here # Taiga Events Settings diff --git a/src/main/resources/taiga/taiga-gateway-configmap.yaml b/src/main/resources/taiga/taiga-gateway-configmap.yaml index 7ae184d..283d7c2 100644 --- a/src/main/resources/taiga/taiga-gateway-configmap.yaml +++ b/src/main/resources/taiga/taiga-gateway-configmap.yaml @@ -12,7 +12,7 @@ data: # Frontend location / { - proxy_pass http://taiga-front/; + proxy_pass http://taiga-front-service/; proxy_pass_header Server; proxy_set_header Host $http_host; proxy_redirect off; @@ -22,7 +22,7 @@ data: # Api location /api { - proxy_pass http://taiga-back:8000/api; + proxy_pass http://taiga-back-service:8000/api; proxy_pass_header Server; proxy_set_header Host $http_host; proxy_redirect off; @@ -32,7 +32,7 @@ data: # Admin location /admin { - proxy_pass http://taiga-back:8000/admin; + proxy_pass http://taiga-back-service:8000/admin; proxy_pass_header Server; proxy_set_header Host $http_host; proxy_redirect off; @@ -64,13 +64,13 @@ data: proxy_set_header X-Scheme $scheme; proxy_set_header X-Forwarded-Proto $scheme; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; - proxy_pass http://taiga-protected:8003/; + proxy_pass http://taiga-protected-service:8003/; proxy_redirect off; } # Events location /events { - proxy_pass http://taiga-events:8888/events; + proxy_pass http://taiga-events-service:8888/events; proxy_http_version 1.1; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection "upgrade"; diff --git a/src/main/resources/taiga/taiga-gateway-deployment.yaml b/src/main/resources/taiga/taiga-gateway-deployment.yaml index 79e85f3..dd9ab83 100644 --- a/src/main/resources/taiga/taiga-gateway-deployment.yaml +++ b/src/main/resources/taiga/taiga-gateway-deployment.yaml @@ -24,8 +24,8 @@ spec: - name: http containerPort: 80 volumeMounts: - - mountPath: /etc/nginx/conf.d - name: taiga-gateway-configmap + - name: taiga-gateway-configmap + mountPath: /etc/nginx/conf.d - name: taiga-static mountPath: /taiga/static readOnly: false @@ -39,7 +39,7 @@ spec: name: taiga-gateway-configmap - name: taiga-static persistentVolumeClaim: - claimName: taiga-static + claimName: taiga-static-data - name: taiga-media persistentVolumeClaim: - claimName: taiga-media + claimName: taiga-media-data diff --git a/src/main/resources/taiga/taiga-protected-deployment.yaml b/src/main/resources/taiga/taiga-protected-deployment.yaml index e660671..b4a74fc 100644 --- a/src/main/resources/taiga/taiga-protected-deployment.yaml +++ b/src/main/resources/taiga/taiga-protected-deployment.yaml @@ -24,7 +24,7 @@ spec: containerPort: 8003 env: - name: MAX_AGE - value: 5 + value: "5" - name: SECRET_KEY valueFrom: secretKeyRef: diff --git a/src/main/resources/taiga/taiga-rabbitmq-secret.yaml b/src/main/resources/taiga/taiga-rabbitmq-secret.yaml index 2f13a86..359ac2b 100644 --- a/src/main/resources/taiga/taiga-rabbitmq-secret.yaml +++ b/src/main/resources/taiga/taiga-rabbitmq-secret.yaml @@ -6,5 +6,5 @@ metadata: app.kubernetes.part-of: taiga data: # Rabbitmq settings - RABBITMQ_DEFAULT_USER: rabbit # ToDo: Evaluate if we need two different users and passes for rabbitmq - RABBITMQ_DEFAULT_PASS: rabbit_pass + RABBITMQ_DEFAULT_USER: cmFiYml0 # ToDo: Evaluate if we need two different users and passes for rabbitmq + RABBITMQ_DEFAULT_PASS: cmFiYml0X3Bhc3M= diff --git a/src/main/resources/taiga/taiga-secret.yaml b/src/main/resources/taiga/taiga-secret.yaml index 92ff7d3..a3968f7 100644 --- a/src/main/resources/taiga/taiga-secret.yaml +++ b/src/main/resources/taiga/taiga-secret.yaml @@ -7,16 +7,16 @@ metadata: data: # Taiga settings - TAIGA_SECRET_KEY: 59dsfgjsdf4jq3ßdfej345 + TAIGA_SECRET_KEY: NTlkc2ZnanNkZjRqcTPDn2RmZWozNDU= # Email settings - EMAIL_HOST_USER: meissa@meissa.de - EMAIL_HOST_PASSWORD: asdfasdf + EMAIL_HOST_USER: bWVpc3NhQG1laXNzYS5kZQ== + EMAIL_HOST_PASSWORD: YXNkZmFzZGY= # Rabbitmq settings - RABBITMQ_USER: rabbit - RABBITMQ_PASS: rabbit_pass + RABBITMQ_USER: cmFiYml0 + RABBITMQ_PASS: cmFiYml0X3Bhc3M= # Django settings - DJANGO_SUPERUSER_TAIGAADMIN: taiga - DJANGO_SUPERUSER_PASSWORD: taiga_pass + DJANGO_SUPERUSER_TAIGAADMIN: dGFpZ2E= + DJANGO_SUPERUSER_PASSWORD: dGFpZ2FfcGFzcw== From aa045be0a6a223a50eb419cf0976926279b4e730 Mon Sep 17 00:00:00 2001 From: bom Date: Fri, 18 Aug 2023 14:16:31 +0200 Subject: [PATCH 05/60] Update taiga-back deployment --- .../taiga/taiga-back-deployment.yaml | 46 +------------------ 1 file changed, 1 insertion(+), 45 deletions(-) diff --git a/src/main/resources/taiga/taiga-back-deployment.yaml b/src/main/resources/taiga/taiga-back-deployment.yaml index 36ff068..e3dcea6 100644 --- a/src/main/resources/taiga/taiga-back-deployment.yaml +++ b/src/main/resources/taiga/taiga-back-deployment.yaml @@ -15,53 +15,9 @@ spec: labels: app: taiga spec: - initContainers: # ToDo: this needs to run only once! - - name: taiga-manage - image: taigaio/taiga-back:latest - imagePullPolicy: IfNotPresent - ports: # ToDo: we may need to check for the DB pod to be live - - name: http - containerPort: 80 - command: - - python manage.py && python manage.py createsuperuser - volumeMounts: - - name: taiga-static - mountPath: /taiga-back/static - readOnly: false - - name: taiga-media - mountPath: /taiga-back/media - readOnly: false - envFrom: - - configMapRef: - name: taiga-configmap - - secretRef: - name: taiga-secret - - secretRef: - name: taiga-rabbitmq-secret - env: - - name: POSTGRES_USER # ToDo: Does taiga need a specific postgres version? Maybe test this - valueFrom: - secretKeyRef: - name: postgres-secret - key: postgres-user - - name: POSTGRES_PASSWORD - valueFrom: - secretKeyRef: - name: postgres-secret - key: postgres-password - - name: POSTGRES_DB - valueFrom: - configMapKeyRef: - name: postgres-config - key: postgres-db - - name: POSTGRES_HOST - value: "postgresql-service" - - name: POSTGRES_PORT - value: "5432" - - name: CELERY_ENABLED - value: "false" containers: - name: taiga-back + command: ["/taiga-back/entrypoint.sh"] image: taigaio/taiga-back:latest imagePullPolicy: IfNotPresent ports: From f4c2691740f1be33a97c4866c7e8dedeaea35012 Mon Sep 17 00:00:00 2001 From: erik Date: Tue, 22 Aug 2023 12:28:02 +0200 Subject: [PATCH 06/60] Update fqdns --- src/main/resources/taiga/certificate.yaml | 4 ++-- src/main/resources/taiga/ingress.yaml | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/src/main/resources/taiga/certificate.yaml b/src/main/resources/taiga/certificate.yaml index 3fc00e3..89bc752 100644 --- a/src/main/resources/taiga/certificate.yaml +++ b/src/main/resources/taiga/certificate.yaml @@ -7,11 +7,11 @@ metadata: namespace: default spec: secretName: c4k-common-cert - commonName: jitsi.test.meissa.de + commonName: taiga.test.meissa.de duration: 2160h # 90d renewBefore: 720h # 30d dnsNames: - - jitsi.test.meissa.de + - taiga.test.meissa.de issuerRef: name: staging kind: ClusterIssuer diff --git a/src/main/resources/taiga/ingress.yaml b/src/main/resources/taiga/ingress.yaml index 0133b07..31b7fe4 100644 --- a/src/main/resources/taiga/ingress.yaml +++ b/src/main/resources/taiga/ingress.yaml @@ -12,10 +12,10 @@ metadata: spec: tls: - hosts: - - jitsi.test.meissa.de + - taiga.test.meissa.de secretName: c4k-common-cert rules: - - host: jitsi.test.meissa.de + - host: taiga.test.meissa.de http: paths: - pathType: Prefix From 61f3a0b1784044c0f3a85999e7ff756ab5203a2f Mon Sep 17 00:00:00 2001 From: erik Date: Tue, 22 Aug 2023 12:28:24 +0200 Subject: [PATCH 07/60] Get vars from configmap --- src/main/resources/taiga/taiga-configmap.yaml | 19 +++++++++++++++++-- .../taiga/taiga-front-deployment.yaml | 17 +++++++++++++---- 2 files changed, 30 insertions(+), 6 deletions(-) diff --git a/src/main/resources/taiga/taiga-configmap.yaml b/src/main/resources/taiga/taiga-configmap.yaml index 2a592e6..8b18429 100644 --- a/src/main/resources/taiga/taiga-configmap.yaml +++ b/src/main/resources/taiga/taiga-configmap.yaml @@ -9,7 +9,7 @@ data: # Taiga settings TAIGA_SITES_SCHEME: https - TAIGA_SITES_DOMAIN: jitsi.test.meissa.de + TAIGA_SITES_DOMAIN: taiga.test.meissa.de TAIGA_SUBPATH: "" # Email settings. @@ -30,4 +30,19 @@ data: # RABBITMQ_URL: RABBITMQ_URL_VALUE # found in https://github.com/kaleidos-ventures/taiga-events/blob/main/docker/env.template # Taiga Async Settings - # CELERY_BROKER_URL: CELERY_URL_VALUE \ No newline at end of file + # CELERY_BROKER_URL: CELERY_URL_VALUE + + # Taiga Front Settings + TAIGA_URL: https://taiga.test.meissa.de + TAIGA_SUBPATH: "" + TAIGA_WEBSOCKETS_URL: wss://taiga.test.meissa.de + PUBLIC_REGISTER_ENABLED: "true" + CONTRIB_PLUGINS: "" + GITHUB_CLIENT_ID: "" + GITLAB_CLIENT_ID: "" + GITLAB_URL: "" + ENABLE_GITHUB_IMPORTER: "false" + ENABLE_JIRA_IMPORTER: "false" + ENABLE_TRELLO_IMPORTER: "false" + + diff --git a/src/main/resources/taiga/taiga-front-deployment.yaml b/src/main/resources/taiga/taiga-front-deployment.yaml index 9dbb527..2600cc4 100644 --- a/src/main/resources/taiga/taiga-front-deployment.yaml +++ b/src/main/resources/taiga/taiga-front-deployment.yaml @@ -24,8 +24,17 @@ spec: containerPort: 80 env: - name: TAIGA_URL - value: https://jitsi.test.meissa.de - - name: TAIGA_WEBSOCKETS_URL - value: https://jitsi.test.meissa.de + valueFrom: + configMapKeyRef: + name: taiga-configmap + key: TAIGA_URL - name: TAIGA_SUBPATH - value: "" + valueFrom: + configMapKeyRef: + name: taiga-configmap + key: TAIGA_SUBPATH + - name: TAIGA_WEBSOCKETS_URL + valueFrom: + configMapKeyRef: + name: taiga-configmap + key: TAIGA_WEBSOCKETS_URL From eafab1623f1f883dfe0ff019d9a7211f1dba1d13 Mon Sep 17 00:00:00 2001 From: erik Date: Tue, 22 Aug 2023 12:28:41 +0200 Subject: [PATCH 08/60] Update command --- src/main/resources/taiga/taiga-back-deployment.yaml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/src/main/resources/taiga/taiga-back-deployment.yaml b/src/main/resources/taiga/taiga-back-deployment.yaml index e3dcea6..ed9fa83 100644 --- a/src/main/resources/taiga/taiga-back-deployment.yaml +++ b/src/main/resources/taiga/taiga-back-deployment.yaml @@ -17,7 +17,8 @@ spec: spec: containers: - name: taiga-back - command: ["/taiga-back/entrypoint.sh"] + command: + - /taiga-back/docker/entrypoint.sh image: taigaio/taiga-back:latest imagePullPolicy: IfNotPresent ports: From 068694e57aad20ca8ce9d6cc7bb086fdfdeddffc Mon Sep 17 00:00:00 2001 From: erik Date: Tue, 22 Aug 2023 12:28:53 +0200 Subject: [PATCH 09/60] Document changes --- src/main/resources/taiga/donotapply/changes-made.md | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/src/main/resources/taiga/donotapply/changes-made.md b/src/main/resources/taiga/donotapply/changes-made.md index 67efa8b..563b6af 100644 --- a/src/main/resources/taiga/donotapply/changes-made.md +++ b/src/main/resources/taiga/donotapply/changes-made.md @@ -10,4 +10,8 @@ Increase storage to 8Gi in pvc.yaml Change storageClassName to local-path in pvc.yaml Correct volume names in async, back, gateway Use service name as address in taiga-gateway-configmap.yaml -Correct reference to taiga-configmap and taiga-secret in taiga-back-deployment \ No newline at end of file +Correct reference to taiga-configmap and taiga-secret in taiga-back-deployment +Remove init-container in taiga-back-deployment +Update command in taiga-back-deployment to ["/taiga-back/docker/entrypoint.sh"] +Update command in taiga-back-deployment to command: ["/taiga-back/docker/entrypoint.sh && python manage.py createsupersuer"] +Extend configmap in taiga-config map by values for taiga-front # we may want to check CAPITALIZATION of KW before starting work in c4k code \ No newline at end of file From e6fbd6d5dc10281294ded67f4c23e1f18cee7632 Mon Sep 17 00:00:00 2001 From: erik Date: Tue, 22 Aug 2023 13:12:15 +0200 Subject: [PATCH 10/60] remove -service suffix --- src/main/resources/taiga/donotapply/changes-made.md | 10 +++++++++- src/main/resources/taiga/ingress.yaml | 2 +- .../taiga/taiga-async-rabbitmq-deployment.yaml | 7 +++++-- .../resources/taiga/taiga-async-rabbitmq-service.yaml | 2 +- src/main/resources/taiga/taiga-async-service.yaml | 2 +- src/main/resources/taiga/taiga-back-service.yaml | 2 +- .../resources/taiga/taiga-events-rabbitmq-service.yaml | 2 +- src/main/resources/taiga/taiga-events-service.yaml | 2 +- src/main/resources/taiga/taiga-front-service.yaml | 2 +- src/main/resources/taiga/taiga-gateway-configmap.yaml | 10 +++++----- src/main/resources/taiga/taiga-gateway-deployment.yaml | 1 + src/main/resources/taiga/taiga-gateway-service.yaml | 2 +- src/main/resources/taiga/taiga-protected-service.yaml | 2 +- src/main/resources/taiga/taiga-rabbitmq-secret.yaml | 3 ++- src/main/resources/taiga/taiga-secret.yaml | 2 +- 15 files changed, 32 insertions(+), 19 deletions(-) diff --git a/src/main/resources/taiga/donotapply/changes-made.md b/src/main/resources/taiga/donotapply/changes-made.md index 563b6af..3578f9f 100644 --- a/src/main/resources/taiga/donotapply/changes-made.md +++ b/src/main/resources/taiga/donotapply/changes-made.md @@ -14,4 +14,12 @@ Correct reference to taiga-configmap and taiga-secret in taiga-back-deployment Remove init-container in taiga-back-deployment Update command in taiga-back-deployment to ["/taiga-back/docker/entrypoint.sh"] Update command in taiga-back-deployment to command: ["/taiga-back/docker/entrypoint.sh && python manage.py createsupersuer"] -Extend configmap in taiga-config map by values for taiga-front # we may want to check CAPITALIZATION of KW before starting work in c4k code \ No newline at end of file +Extend configmap in taiga-config map by values for taiga-front # we may want to check CAPITALIZATION of KW before starting work in c4k code +Rename taiga-async-rabbitmq-service to taiga-async-rabbitmq +Move erlang cookie to taiga-rabbitmq-secret in taiga-async-rabbitmq-deployment +Change value of RABBITMQ_DEFAULT_VHOST to taiga in taiga-async-rabbitmq-deployment +Change value of RABBITMQ_USER in taiga-secret.yaml to b64/encode taiga +Change value of RABBITMQ_DEFAULT_USER in taiga-rabbitmq-secret.yaml to b64/encode taiga +Remove -service suffix from all taiga service names +Remove -service suffix from all urls in taiga-gateway configmap +Remove -service suffix from ingress \ No newline at end of file diff --git a/src/main/resources/taiga/ingress.yaml b/src/main/resources/taiga/ingress.yaml index 31b7fe4..4a563ac 100644 --- a/src/main/resources/taiga/ingress.yaml +++ b/src/main/resources/taiga/ingress.yaml @@ -22,6 +22,6 @@ spec: path: "/" backend: service: - name: taiga-gateway-service + name: taiga-gateway port: number: 80 diff --git a/src/main/resources/taiga/taiga-async-rabbitmq-deployment.yaml b/src/main/resources/taiga/taiga-async-rabbitmq-deployment.yaml index 0a3cb2d..d651a3c 100644 --- a/src/main/resources/taiga/taiga-async-rabbitmq-deployment.yaml +++ b/src/main/resources/taiga/taiga-async-rabbitmq-deployment.yaml @@ -38,9 +38,12 @@ spec: name: taiga-rabbitmq-secret key: RABBITMQ_DEFAULT_PASS - name: RABBITMQ_ERLANG_COOKIE - value: ERLANG_COOKIE_VALUE + valueFrom: + secretKeyRef: + name: taiga-rabbitmq-secret + key: RABBITMQ_ERLANG_COOKIE - name: RABBITMQ_DEFAULT_VHOST - value: RABBITMQ_VHOST + value: taiga volumes: - name: taiga-async-rabbitmq-data diff --git a/src/main/resources/taiga/taiga-async-rabbitmq-service.yaml b/src/main/resources/taiga/taiga-async-rabbitmq-service.yaml index f62ce44..0844391 100644 --- a/src/main/resources/taiga/taiga-async-rabbitmq-service.yaml +++ b/src/main/resources/taiga/taiga-async-rabbitmq-service.yaml @@ -1,7 +1,7 @@ kind: Service apiVersion: v1 metadata: - name: taiga-async-rabbitmq-service + name: taiga-async-rabbitmq labels: app.kubernetes.part-of: c4k-taiga app.kubernetes.io/component: taiga-async-rabbitmq diff --git a/src/main/resources/taiga/taiga-async-service.yaml b/src/main/resources/taiga/taiga-async-service.yaml index e349899..b9176af 100644 --- a/src/main/resources/taiga/taiga-async-service.yaml +++ b/src/main/resources/taiga/taiga-async-service.yaml @@ -1,7 +1,7 @@ kind: Service apiVersion: v1 metadata: - name: taiga-async-service + name: taiga-async labels: app.kubernetes.part-of: c4k-taiga app.kubernetes.io/component: taiga-async diff --git a/src/main/resources/taiga/taiga-back-service.yaml b/src/main/resources/taiga/taiga-back-service.yaml index 0d1ca19..369ed4a 100644 --- a/src/main/resources/taiga/taiga-back-service.yaml +++ b/src/main/resources/taiga/taiga-back-service.yaml @@ -1,7 +1,7 @@ kind: Service apiVersion: v1 metadata: - name: taiga-back-service + name: taiga-back labels: app.kubernetes.part-of: c4k-taiga app.kubernetes.io/component: taiga-back diff --git a/src/main/resources/taiga/taiga-events-rabbitmq-service.yaml b/src/main/resources/taiga/taiga-events-rabbitmq-service.yaml index 6d0662c..2f542fc 100644 --- a/src/main/resources/taiga/taiga-events-rabbitmq-service.yaml +++ b/src/main/resources/taiga/taiga-events-rabbitmq-service.yaml @@ -1,7 +1,7 @@ kind: Service apiVersion: v1 metadata: - name: taiga-events-rabbitmq-service + name: taiga-events-rabbitmq labels: app.kubernetes.part-of: c4k-taiga app.kubernetes.io/component: taiga-events-rabbitmq diff --git a/src/main/resources/taiga/taiga-events-service.yaml b/src/main/resources/taiga/taiga-events-service.yaml index 3d448b0..4ec0f51 100644 --- a/src/main/resources/taiga/taiga-events-service.yaml +++ b/src/main/resources/taiga/taiga-events-service.yaml @@ -1,7 +1,7 @@ kind: Service apiVersion: v1 metadata: - name: taiga-events-service + name: taiga-events labels: app.kubernetes.part-of: c4k-taiga app.kubernetes.io/component: taiga-events diff --git a/src/main/resources/taiga/taiga-front-service.yaml b/src/main/resources/taiga/taiga-front-service.yaml index 6e857bb..d586429 100644 --- a/src/main/resources/taiga/taiga-front-service.yaml +++ b/src/main/resources/taiga/taiga-front-service.yaml @@ -1,7 +1,7 @@ kind: Service apiVersion: v1 metadata: - name: taiga-front-service + name: taiga-front labels: app.kubernetes.part-of: c4k-taiga app.kubernetes.io/component: taiga-front diff --git a/src/main/resources/taiga/taiga-gateway-configmap.yaml b/src/main/resources/taiga/taiga-gateway-configmap.yaml index 283d7c2..7ae184d 100644 --- a/src/main/resources/taiga/taiga-gateway-configmap.yaml +++ b/src/main/resources/taiga/taiga-gateway-configmap.yaml @@ -12,7 +12,7 @@ data: # Frontend location / { - proxy_pass http://taiga-front-service/; + proxy_pass http://taiga-front/; proxy_pass_header Server; proxy_set_header Host $http_host; proxy_redirect off; @@ -22,7 +22,7 @@ data: # Api location /api { - proxy_pass http://taiga-back-service:8000/api; + proxy_pass http://taiga-back:8000/api; proxy_pass_header Server; proxy_set_header Host $http_host; proxy_redirect off; @@ -32,7 +32,7 @@ data: # Admin location /admin { - proxy_pass http://taiga-back-service:8000/admin; + proxy_pass http://taiga-back:8000/admin; proxy_pass_header Server; proxy_set_header Host $http_host; proxy_redirect off; @@ -64,13 +64,13 @@ data: proxy_set_header X-Scheme $scheme; proxy_set_header X-Forwarded-Proto $scheme; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; - proxy_pass http://taiga-protected-service:8003/; + proxy_pass http://taiga-protected:8003/; proxy_redirect off; } # Events location /events { - proxy_pass http://taiga-events-service:8888/events; + proxy_pass http://taiga-events:8888/events; proxy_http_version 1.1; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection "upgrade"; diff --git a/src/main/resources/taiga/taiga-gateway-deployment.yaml b/src/main/resources/taiga/taiga-gateway-deployment.yaml index dd9ab83..a3d4b49 100644 --- a/src/main/resources/taiga/taiga-gateway-deployment.yaml +++ b/src/main/resources/taiga/taiga-gateway-deployment.yaml @@ -26,6 +26,7 @@ spec: volumeMounts: - name: taiga-gateway-configmap mountPath: /etc/nginx/conf.d + readOnly: false - name: taiga-static mountPath: /taiga/static readOnly: false diff --git a/src/main/resources/taiga/taiga-gateway-service.yaml b/src/main/resources/taiga/taiga-gateway-service.yaml index cfcd524..441dedf 100644 --- a/src/main/resources/taiga/taiga-gateway-service.yaml +++ b/src/main/resources/taiga/taiga-gateway-service.yaml @@ -1,7 +1,7 @@ kind: Service apiVersion: v1 metadata: - name: taiga-gateway-service + name: taiga-gateway labels: app.kubernetes.part-of: c4k-taiga app.kubernetes.io/component: taiga-gateway diff --git a/src/main/resources/taiga/taiga-protected-service.yaml b/src/main/resources/taiga/taiga-protected-service.yaml index d84f539..268d444 100644 --- a/src/main/resources/taiga/taiga-protected-service.yaml +++ b/src/main/resources/taiga/taiga-protected-service.yaml @@ -1,7 +1,7 @@ kind: Service apiVersion: v1 metadata: - name: taiga-protected-service + name: taiga-protected labels: app.kubernetes.part-of: c4k-taiga app.kubernetes.io/component: taiga-protected diff --git a/src/main/resources/taiga/taiga-rabbitmq-secret.yaml b/src/main/resources/taiga/taiga-rabbitmq-secret.yaml index 359ac2b..d72223d 100644 --- a/src/main/resources/taiga/taiga-rabbitmq-secret.yaml +++ b/src/main/resources/taiga/taiga-rabbitmq-secret.yaml @@ -6,5 +6,6 @@ metadata: app.kubernetes.part-of: taiga data: # Rabbitmq settings - RABBITMQ_DEFAULT_USER: cmFiYml0 # ToDo: Evaluate if we need two different users and passes for rabbitmq + RABBITMQ_DEFAULT_USER: dGFpZ2E= # ToDo: Evaluate if we need two different users and passes for rabbitmq RABBITMQ_DEFAULT_PASS: cmFiYml0X3Bhc3M= + RABBITMQ_ERLANG_COOKIE: cmFiYml0X3Bhc3M= diff --git a/src/main/resources/taiga/taiga-secret.yaml b/src/main/resources/taiga/taiga-secret.yaml index a3968f7..3f55a79 100644 --- a/src/main/resources/taiga/taiga-secret.yaml +++ b/src/main/resources/taiga/taiga-secret.yaml @@ -14,7 +14,7 @@ data: EMAIL_HOST_PASSWORD: YXNkZmFzZGY= # Rabbitmq settings - RABBITMQ_USER: cmFiYml0 + RABBITMQ_USER: dGFpZ2E= RABBITMQ_PASS: cmFiYml0X3Bhc3M= # Django settings From 77fce1e87df9986e1cd1a8b4e156d43ecf503a1e Mon Sep 17 00:00:00 2001 From: erik Date: Tue, 22 Aug 2023 13:51:54 +0200 Subject: [PATCH 11/60] Centralize values to configmap and secret --- .../taiga/taiga-async-rabbitmq-deployment.yaml | 7 ++++++- src/main/resources/taiga/taiga-configmap.yaml | 2 ++ .../taiga/taiga-events-rabbitmq-deployment.yaml | 10 ++++++++-- 3 files changed, 16 insertions(+), 3 deletions(-) diff --git a/src/main/resources/taiga/taiga-async-rabbitmq-deployment.yaml b/src/main/resources/taiga/taiga-async-rabbitmq-deployment.yaml index d651a3c..1aff26a 100644 --- a/src/main/resources/taiga/taiga-async-rabbitmq-deployment.yaml +++ b/src/main/resources/taiga/taiga-async-rabbitmq-deployment.yaml @@ -27,6 +27,8 @@ spec: mountPath: /var/lib/rabbitmq readOnly: false env: + - name: RABBITMQ_LOGS + value: /opt/rabbitmq/logs.log - name: RABBITMQ_DEFAULT_USER valueFrom: secretKeyRef: @@ -43,7 +45,10 @@ spec: name: taiga-rabbitmq-secret key: RABBITMQ_ERLANG_COOKIE - name: RABBITMQ_DEFAULT_VHOST - value: taiga + valueFrom: + configMapKeyRef: + name: taiga-configmap + key: RABBITMQ_DEFAULT_VHOST volumes: - name: taiga-async-rabbitmq-data diff --git a/src/main/resources/taiga/taiga-configmap.yaml b/src/main/resources/taiga/taiga-configmap.yaml index 8b18429..f0cf061 100644 --- a/src/main/resources/taiga/taiga-configmap.yaml +++ b/src/main/resources/taiga/taiga-configmap.yaml @@ -45,4 +45,6 @@ data: ENABLE_JIRA_IMPORTER: "false" ENABLE_TRELLO_IMPORTER: "false" + # Rabbitmq settings + RABBITMQ_DEFAULT_VHOST: taiga diff --git a/src/main/resources/taiga/taiga-events-rabbitmq-deployment.yaml b/src/main/resources/taiga/taiga-events-rabbitmq-deployment.yaml index 01c640d..f04eff8 100644 --- a/src/main/resources/taiga/taiga-events-rabbitmq-deployment.yaml +++ b/src/main/resources/taiga/taiga-events-rabbitmq-deployment.yaml @@ -28,9 +28,15 @@ spec: readOnly: false env: - name: RABBITMQ_ERLANG_COOKIE - value: erlang-cookie-name + valueFrom: + secretKeyRef: + name: taiga-secret + key: RABBITMQ_ERLANG_COOKIE - name: RABBITMQ_DEFAULT_VHOST - value: taiga + valueFrom: + configMapKeyRef: + name: taiga-configmap + key: RABBITMQ_DEFAULT_VHOST - name: RABBITMQ_USER valueFrom: secretKeyRef: From c52d2369b97cb08a15e04e3f098904e704d858a1 Mon Sep 17 00:00:00 2001 From: erik Date: Tue, 22 Aug 2023 13:57:31 +0200 Subject: [PATCH 12/60] Move data from taiga-rabbitmq-secret to taiga-secret --- src/main/resources/taiga/donotapply/changes-made.md | 10 +++++++++- .../taiga/taiga-async-rabbitmq-deployment.yaml | 6 +++--- src/main/resources/taiga/taiga-back-deployment.yaml | 2 -- src/main/resources/taiga/taiga-configmap.yaml | 1 - src/main/resources/taiga/taiga-rabbitmq-secret.yaml | 11 ----------- src/main/resources/taiga/taiga-secret.yaml | 5 +++++ 6 files changed, 17 insertions(+), 18 deletions(-) delete mode 100644 src/main/resources/taiga/taiga-rabbitmq-secret.yaml diff --git a/src/main/resources/taiga/donotapply/changes-made.md b/src/main/resources/taiga/donotapply/changes-made.md index 3578f9f..96d0f2b 100644 --- a/src/main/resources/taiga/donotapply/changes-made.md +++ b/src/main/resources/taiga/donotapply/changes-made.md @@ -22,4 +22,12 @@ Change value of RABBITMQ_USER in taiga-secret.yaml to b64/encode taiga Change value of RABBITMQ_DEFAULT_USER in taiga-rabbitmq-secret.yaml to b64/encode taiga Remove -service suffix from all taiga service names Remove -service suffix from all urls in taiga-gateway configmap -Remove -service suffix from ingress \ No newline at end of file +Remove -service suffix from ingress +Add - name: RABBITMQ_LOGS value: /opt/rabbitmq/logs.log in taiga-async-rabbitmq-deployment +Get RABBITMQ_ERLANG_COOKIE from taiga-secret in taiga-events-rabbitmq-deployment +Put RABBITMQ_DEFAULT_VHOST KV pair in taiga-configmap +Get RABBITMQ_DEFAULT_VHOST from taiga-configmap in taiga-events-rabbitmq-deployment +Get RABBITMQ_DEFAULT_VHOST from taiga-configmap in taiga-async-rabbitmq-deployment +Move all values from taiga-rabbitmq-secret to taiga-secret +Remove taiga-rabbitmq-secret from config +Rename all occurrences of taiga-rabbitmq-secret to taiga-secret \ No newline at end of file diff --git a/src/main/resources/taiga/taiga-async-rabbitmq-deployment.yaml b/src/main/resources/taiga/taiga-async-rabbitmq-deployment.yaml index 1aff26a..c55cfad 100644 --- a/src/main/resources/taiga/taiga-async-rabbitmq-deployment.yaml +++ b/src/main/resources/taiga/taiga-async-rabbitmq-deployment.yaml @@ -32,17 +32,17 @@ spec: - name: RABBITMQ_DEFAULT_USER valueFrom: secretKeyRef: - name: taiga-rabbitmq-secret + name: taiga-secret key: RABBITMQ_DEFAULT_USER - name: RABBITMQ_DEFAULT_PASS valueFrom: secretKeyRef: - name: taiga-rabbitmq-secret + name: taiga-secret key: RABBITMQ_DEFAULT_PASS - name: RABBITMQ_ERLANG_COOKIE valueFrom: secretKeyRef: - name: taiga-rabbitmq-secret + name: taiga-secret key: RABBITMQ_ERLANG_COOKIE - name: RABBITMQ_DEFAULT_VHOST valueFrom: diff --git a/src/main/resources/taiga/taiga-back-deployment.yaml b/src/main/resources/taiga/taiga-back-deployment.yaml index ed9fa83..62d9584 100644 --- a/src/main/resources/taiga/taiga-back-deployment.yaml +++ b/src/main/resources/taiga/taiga-back-deployment.yaml @@ -36,8 +36,6 @@ spec: name: taiga-configmap - secretRef: name: taiga-secret - - secretRef: - name: taiga-rabbitmq-secret env: - name: POSTGRES_USER valueFrom: diff --git a/src/main/resources/taiga/taiga-configmap.yaml b/src/main/resources/taiga/taiga-configmap.yaml index f0cf061..32a9cf9 100644 --- a/src/main/resources/taiga/taiga-configmap.yaml +++ b/src/main/resources/taiga/taiga-configmap.yaml @@ -46,5 +46,4 @@ data: ENABLE_TRELLO_IMPORTER: "false" # Rabbitmq settings - RABBITMQ_DEFAULT_VHOST: taiga diff --git a/src/main/resources/taiga/taiga-rabbitmq-secret.yaml b/src/main/resources/taiga/taiga-rabbitmq-secret.yaml deleted file mode 100644 index d72223d..0000000 --- a/src/main/resources/taiga/taiga-rabbitmq-secret.yaml +++ /dev/null @@ -1,11 +0,0 @@ -apiVersion: v1 -kind: Secret -metadata: - name: taiga-rabbitmq-secret - labels: - app.kubernetes.part-of: taiga -data: - # Rabbitmq settings - RABBITMQ_DEFAULT_USER: dGFpZ2E= # ToDo: Evaluate if we need two different users and passes for rabbitmq - RABBITMQ_DEFAULT_PASS: cmFiYml0X3Bhc3M= - RABBITMQ_ERLANG_COOKIE: cmFiYml0X3Bhc3M= diff --git a/src/main/resources/taiga/taiga-secret.yaml b/src/main/resources/taiga/taiga-secret.yaml index 3f55a79..150eed9 100644 --- a/src/main/resources/taiga/taiga-secret.yaml +++ b/src/main/resources/taiga/taiga-secret.yaml @@ -20,3 +20,8 @@ data: # Django settings DJANGO_SUPERUSER_TAIGAADMIN: dGFpZ2E= DJANGO_SUPERUSER_PASSWORD: dGFpZ2FfcGFzcw== + + # Rabbitmq settings + RABBITMQ_DEFAULT_USER: dGFpZ2E= # ToDo: Evaluate if we need two different users and passes for rabbitmq + RABBITMQ_DEFAULT_PASS: cmFiYml0X3Bhc3M= + RABBITMQ_ERLANG_COOKIE: cmFiYml0X3Bhc3M= From 6d38a3eee34fb851458563a4ffef7aa7512667f0 Mon Sep 17 00:00:00 2001 From: erik Date: Tue, 22 Aug 2023 14:05:40 +0200 Subject: [PATCH 13/60] Add session cookie settings --- src/main/resources/taiga/donotapply/changes-made.md | 3 ++- src/main/resources/taiga/taiga-configmap.yaml | 3 +++ 2 files changed, 5 insertions(+), 1 deletion(-) diff --git a/src/main/resources/taiga/donotapply/changes-made.md b/src/main/resources/taiga/donotapply/changes-made.md index 96d0f2b..1731d61 100644 --- a/src/main/resources/taiga/donotapply/changes-made.md +++ b/src/main/resources/taiga/donotapply/changes-made.md @@ -30,4 +30,5 @@ Get RABBITMQ_DEFAULT_VHOST from taiga-configmap in taiga-events-rabbitmq-deploym Get RABBITMQ_DEFAULT_VHOST from taiga-configmap in taiga-async-rabbitmq-deployment Move all values from taiga-rabbitmq-secret to taiga-secret Remove taiga-rabbitmq-secret from config -Rename all occurrences of taiga-rabbitmq-secret to taiga-secret \ No newline at end of file +Rename all occurrences of taiga-rabbitmq-secret to taiga-secret +Add SESSION_COOKIE_SECURE: "False" and CSRF_COOKIE_SECURE: "False" to taiga-configmap.yaml \ No newline at end of file diff --git a/src/main/resources/taiga/taiga-configmap.yaml b/src/main/resources/taiga/taiga-configmap.yaml index 32a9cf9..171a832 100644 --- a/src/main/resources/taiga/taiga-configmap.yaml +++ b/src/main/resources/taiga/taiga-configmap.yaml @@ -47,3 +47,6 @@ data: # Rabbitmq settings RABBITMQ_DEFAULT_VHOST: taiga + + SESSION_COOKIE_SECURE: "False" + CSRF_COOKIE_SECURE: "False" From 225f6d4d1068a56d3767933dfa51d9a4a702e51e Mon Sep 17 00:00:00 2001 From: erik Date: Tue, 22 Aug 2023 14:57:21 +0200 Subject: [PATCH 14/60] Skip-CI Update PW --- src/main/resources/taiga/taiga-secret.yaml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/src/main/resources/taiga/taiga-secret.yaml b/src/main/resources/taiga/taiga-secret.yaml index 150eed9..d0b9630 100644 --- a/src/main/resources/taiga/taiga-secret.yaml +++ b/src/main/resources/taiga/taiga-secret.yaml @@ -15,7 +15,7 @@ data: # Rabbitmq settings RABBITMQ_USER: dGFpZ2E= - RABBITMQ_PASS: cmFiYml0X3Bhc3M= + RABBITMQ_PASS: YXNkbGkzNDUzNDVnc2FkZmczNDVlNHJ0ZzM0 # Django settings DJANGO_SUPERUSER_TAIGAADMIN: dGFpZ2E= @@ -23,5 +23,5 @@ data: # Rabbitmq settings RABBITMQ_DEFAULT_USER: dGFpZ2E= # ToDo: Evaluate if we need two different users and passes for rabbitmq - RABBITMQ_DEFAULT_PASS: cmFiYml0X3Bhc3M= - RABBITMQ_ERLANG_COOKIE: cmFiYml0X3Bhc3M= + RABBITMQ_DEFAULT_PASS: YXNkbGkzNDUzNDVnc2FkZmczNDVlNHJ0ZzM0 + RABBITMQ_ERLANG_COOKIE: YXNkZmhhczM0MnNkbjM= From 6fe4435edb7bb01b1e4f12288c69c3345f259465 Mon Sep 17 00:00:00 2001 From: erik Date: Wed, 23 Aug 2023 15:04:50 +0200 Subject: [PATCH 15/60] Skip-CI Format --- src/main/resources/taiga/taiga-async-rabbitmq-service.yaml | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/src/main/resources/taiga/taiga-async-rabbitmq-service.yaml b/src/main/resources/taiga/taiga-async-rabbitmq-service.yaml index 0844391..dc8a1e1 100644 --- a/src/main/resources/taiga/taiga-async-rabbitmq-service.yaml +++ b/src/main/resources/taiga/taiga-async-rabbitmq-service.yaml @@ -14,5 +14,4 @@ spec: - name: amqp targetPort: amqp port: 5672 - protocol: TCP - \ No newline at end of file + protocol: TCP From 80fb8fc20aa8fa83eb380d844e4961875039786a Mon Sep 17 00:00:00 2001 From: bom Date: Thu, 24 Aug 2023 11:04:18 +0200 Subject: [PATCH 16/60] Rename test folder --- src/test/cljc/dda/{c4k_website => c4k_taiga}/core_test.cljc | 2 +- src/test/cljc/dda/{c4k_website => c4k_taiga}/website_test.cljc | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) rename src/test/cljc/dda/{c4k_website => c4k_taiga}/core_test.cljc (99%) rename src/test/cljc/dda/{c4k_website => c4k_taiga}/website_test.cljc (99%) diff --git a/src/test/cljc/dda/c4k_website/core_test.cljc b/src/test/cljc/dda/c4k_taiga/core_test.cljc similarity index 99% rename from src/test/cljc/dda/c4k_website/core_test.cljc rename to src/test/cljc/dda/c4k_taiga/core_test.cljc index d51d28b..eb9da4e 100644 --- a/src/test/cljc/dda/c4k_website/core_test.cljc +++ b/src/test/cljc/dda/c4k_taiga/core_test.cljc @@ -1,4 +1,4 @@ -(ns dda.c4k-website.core-test +(ns dda.c4k-taiga.core-test (:require #?(:cljs [shadow.resource :as rc]) #?(:clj [clojure.test :refer [deftest is are testing run-tests]] diff --git a/src/test/cljc/dda/c4k_website/website_test.cljc b/src/test/cljc/dda/c4k_taiga/website_test.cljc similarity index 99% rename from src/test/cljc/dda/c4k_website/website_test.cljc rename to src/test/cljc/dda/c4k_taiga/website_test.cljc index 8f19da8..f751d2b 100644 --- a/src/test/cljc/dda/c4k_website/website_test.cljc +++ b/src/test/cljc/dda/c4k_taiga/website_test.cljc @@ -1,4 +1,4 @@ -(ns dda.c4k-website.website-test +(ns dda.c4k-taiga.website-test (:require #?(:clj [clojure.test :refer [deftest is are testing run-tests]] :cljs [cljs.test :refer-macros [deftest is are testing run-tests]]) From 6e5e2f2d5283b0c2dad582b26fd7f6a88f3e354c Mon Sep 17 00:00:00 2001 From: bom Date: Thu, 24 Aug 2023 11:19:56 +0200 Subject: [PATCH 17/60] Remove/Rename c4k-website code --- project.clj | 8 +- public/index.html | 2 +- shadow-cljs.edn | 2 +- src/main/cljc/dda/c4k_taiga/core.cljc | 4 +- src/main/cljc/dda/c4k_taiga/taiga.cljc | 14 ++ src/main/cljc/dda/c4k_taiga/website.cljc | 181 -------------- src/test/cljc/dda/c4k_taiga/core_test.cljc | 103 +------- src/test/cljc/dda/c4k_taiga/taiga_test.cljc | 12 + src/test/cljc/dda/c4k_taiga/website_test.cljc | 223 ------------------ 9 files changed, 35 insertions(+), 514 deletions(-) create mode 100644 src/main/cljc/dda/c4k_taiga/taiga.cljc delete mode 100644 src/main/cljc/dda/c4k_taiga/website.cljc create mode 100644 src/test/cljc/dda/c4k_taiga/taiga_test.cljc delete mode 100644 src/test/cljc/dda/c4k_taiga/website_test.cljc diff --git a/project.clj b/project.clj index 04e6925..da164fb 100644 --- a/project.clj +++ b/project.clj @@ -20,8 +20,8 @@ :dependencies [[dda/data-test "0.1.1"]]} :dev {:plugins [[lein-shell "0.5.0"]]} :uberjar {:aot :all - :main dda.c4k-website.uberjar - :uberjar-name "c4k-website-standalone.jar" + :main dda.c4k-taiga.uberjar + :uberjar-name "c4k-taiga-standalone.jar" :dependencies [[org.clojure/tools.cli "1.0.214"] [ch.qos.logback/logback-classic "1.4.5" :exclusions [com.sun.mail/javax.mail]] @@ -36,11 +36,11 @@ "native-image" "--report-unsupported-elements-at-runtime" "--initialize-at-build-time" - "-jar" "target/uberjar/c4k-website-standalone.jar" + "-jar" "target/uberjar/c4k-taiga-standalone.jar" "-H:ResourceConfigurationFiles=graalvm-resource-config.json" "-H:Log=registerResource" "-H:Name=target/graalvm/${:name}"] "inst" ["shell" "sh" "-c" - "lein uberjar && sudo install -m=755 target/uberjar/c4k-website-standalone.jar /usr/local/bin/c4k-website-standalone.jar"]}) + "lein uberjar && sudo install -m=755 target/uberjar/c4k-taiga-standalone.jar /usr/local/bin/c4k-taiga-standalone.jar"]}) diff --git a/public/index.html b/public/index.html index 99ea0c9..865aea6 100644 --- a/public/index.html +++ b/public/index.html @@ -3,7 +3,7 @@ - c4k-website + c4k-taiga diff --git a/shadow-cljs.edn b/shadow-cljs.edn index b8ceb62..b47c277 100644 --- a/shadow-cljs.edn +++ b/shadow-cljs.edn @@ -7,7 +7,7 @@ :dependencies [[org.domaindrivenarchitecture/c4k-common-cljs "6.0.1"] [hickory "0.7.1"]] :builds {:frontend {:target :browser - :modules {:main {:init-fn dda.c4k-website.browser/init}} + :modules {:main {:init-fn dda.c4k-taiga.browser/init}} :release {} :compiler-options {:optimizations :advanced}} :test {:target :node-test diff --git a/src/main/cljc/dda/c4k_taiga/core.cljc b/src/main/cljc/dda/c4k_taiga/core.cljc index 775e64f..402b086 100644 --- a/src/main/cljc/dda/c4k_taiga/core.cljc +++ b/src/main/cljc/dda/c4k_taiga/core.cljc @@ -16,11 +16,11 @@ (s/def ::mon-auth ::mon/mon-auth) ; ToDo -(def config? (s/keys :req-un +(def config? (s/keys :req-un [] :opt-un [::mon-cfg])) ; ToDo -(def auth? (s/keys :req-un +(def auth? (s/keys :req-un [] :opt-un [::mon-auth])) ; ToDo: diff --git a/src/main/cljc/dda/c4k_taiga/taiga.cljc b/src/main/cljc/dda/c4k_taiga/taiga.cljc new file mode 100644 index 0000000..62cae82 --- /dev/null +++ b/src/main/cljc/dda/c4k_taiga/taiga.cljc @@ -0,0 +1,14 @@ +(ns dda.c4k-taiga.taiga + (:require + [clojure.spec.alpha :as s] + #?(:cljs [shadow.resource :as rc]) + #?(:clj [orchestra.core :refer [defn-spec]] + :cljs [orchestra.core :refer-macros [defn-spec]]) + #?(:clj [clojure.edn :as edn] + :cljs [cljs.reader :as edn]) + [dda.c4k-common.yaml :as yaml] + [dda.c4k-common.common :as cm] + [dda.c4k-common.base64 :as b64] + [dda.c4k-common.predicate :as pred] + [dda.c4k-common.ingress :as ing] + [clojure.string :as str])) \ No newline at end of file diff --git a/src/main/cljc/dda/c4k_taiga/website.cljc b/src/main/cljc/dda/c4k_taiga/website.cljc deleted file mode 100644 index 9126f81..0000000 --- a/src/main/cljc/dda/c4k_taiga/website.cljc +++ /dev/null @@ -1,181 +0,0 @@ -(ns dda.c4k-website.website - (:require - [clojure.spec.alpha :as s] - #?(:cljs [shadow.resource :as rc]) - #?(:clj [orchestra.core :refer [defn-spec]] - :cljs [orchestra.core :refer-macros [defn-spec]]) - #?(:clj [clojure.edn :as edn] - :cljs [cljs.reader :as edn]) - [dda.c4k-common.yaml :as yaml] - [dda.c4k-common.common :as cm] - [dda.c4k-common.base64 :as b64] - [dda.c4k-common.predicate :as pred] - [dda.c4k-common.ingress :as ing] - [clojure.string :as str])) - -; ToDo -(s/def ::issuer pred/letsencrypt-issuer?) - -; ToDo -(def config? (s/keys :req-un - :opt-un )) - -; ToDo -(def auth? (s/keys :req-un )) - -; ToDo -(defn-spec replace-dots-by-minus string? - [fqdn pred/fqdn-string?] - (str/replace fqdn #"\." "-")) - -(defn-spec generate-app-name string? - [unique-name pred/fqdn-string?] - (str (replace-dots-by-minus unique-name) "-website")) - -(defn-spec generate-service-name string? - [unique-name pred/fqdn-string?] - (str (replace-dots-by-minus unique-name) "-service")) - -(defn-spec generate-cert-name string? - [unique-name pred/fqdn-string?] - (str (replace-dots-by-minus unique-name) "-cert")) - -(defn-spec generate-ingress-name string? - [unique-name pred/fqdn-string?] - (str (replace-dots-by-minus unique-name) "-ingress")) - -; https://your.gitea.host/api/v1/repos///archive/.zip -(defn-spec generate-gitrepourl string? - [host pred/fqdn-string? - repo string? - user string? - branch string?] - (str "https://" host "/api/v1/repos/" user "/" repo "/archive/" branch ".zip")) - -; https://your.gitea.host/api/v1/repos///git/commits/HEAD -(defn-spec generate-gitcommiturl string? - [host pred/fqdn-string? - repo string? - user string?] - (str "https://" host "/api/v1/repos/" user "/" repo "/git/" "commits/" "HEAD")) - -(defn-spec replace-all-matching-substrings-beginning-with pred/map-or-seq? - [col pred/map-or-seq? - value-to-partly-match string? - value-to-inplace string?] - (clojure.walk/postwalk #(if (and (= (type value-to-partly-match) (type %)) - (re-matches (re-pattern (str value-to-partly-match ".*")) %)) - (str/replace % value-to-partly-match value-to-inplace) %) - col)) - -(defn-spec replace-common-data pred/map-or-seq? - [resource-file string? - config websiteconfig?] - (let [{:keys [unique-name]} config] - (-> - (yaml/load-as-edn resource-file) - (assoc-in [:metadata :labels :app.kubernetes.part-of] (generate-app-name unique-name)) - (replace-all-matching-substrings-beginning-with "NAME" (replace-dots-by-minus unique-name))))) - -(defn-spec replace-build-data pred/map-or-seq? - [resource-file string? - config websiteconfig?] - (let [{:keys [sha256sum-output build-cpu-request build-cpu-limit build-memory-request build-memory-limit] - :or {build-cpu-request "500m" build-cpu-limit "1700m" build-memory-request "256Mi" build-memory-limit "512Mi"}} config] - (-> - (replace-common-data resource-file config) - (cm/replace-all-matching-values-by-new-value "CHECK_SUM" (get-hash-from-sha256sum-output sha256sum-output)) - (cm/replace-all-matching-values-by-new-value "SCRIPT_FILE" (get-file-name-from-sha256sum-output sha256sum-output)) - (cm/replace-all-matching-values-by-new-value "BUILD_CPU_REQUEST" build-cpu-request) - (cm/replace-all-matching-values-by-new-value "BUILD_CPU_LIMIT" build-cpu-limit) - (cm/replace-all-matching-values-by-new-value "BUILD_MEMORY_REQUEST" build-memory-request) - (cm/replace-all-matching-values-by-new-value "BUILD_MEMORY_LIMIT" build-memory-limit)))) - -#?(:cljs - (defmethod yaml/load-resource :website [resource-name] - (case resource-name - "website/nginx-configmap.yaml" (rc/inline "website/nginx-configmap.yaml") - "website/nginx-deployment.yaml" (rc/inline "website/nginx-deployment.yaml") - "website/nginx-service.yaml" (rc/inline "website/nginx-service.yaml") - "website/website-build-cron.yaml" (rc/inline "website/website-build-cron.yaml") - "website/website-build-secret.yaml" (rc/inline "website/website-build-secret.yaml") - "website/website-content-volume.yaml" (rc/inline "website/website-content-volume.yaml") - "website/hashfile-volume.yaml" (rc/inline "website/hashfile-volume.yaml") - (throw (js/Error. "Undefined Resource!"))))) - -(defn-spec generate-nginx-deployment pred/map-or-seq? - [config websiteconfig?] - (replace-build-data "website/nginx-deployment.yaml" config)) - -(defn-spec generate-nginx-configmap pred/map-or-seq? - [config websiteconfig?] - (let [{:keys [fqdns]} config] - (-> - (replace-common-data "website/nginx-configmap.yaml" config) - (#(assoc-in % - [:data :website.conf] - (str/replace - (-> % :data :website.conf) #"FQDN" (str (str/join " " fqdns) ";"))))))) - -(defn-spec generate-nginx-service pred/map-or-seq? - [config websiteconfig?] - (replace-common-data "website/nginx-service.yaml" config)) - -(defn-spec generate-website-content-volume pred/map-or-seq? - [config websiteconfig?] - (let [{:keys [volume-size] - :or {volume-size "3"}} config] - (-> - (replace-common-data "website/website-content-volume.yaml" config) - (cm/replace-all-matching-values-by-new-value "WEBSITESTORAGESIZE" (str volume-size "Gi"))))) - -(defn-spec generate-hashfile-volume pred/map-or-seq? - [config websiteconfig?] - (replace-common-data "website/hashfile-volume.yaml" config)) - - -(defn-spec generate-website-ingress pred/map-or-seq? - [config websiteconfig?] - (let [{:keys [unique-name fqdns]} config] - (ing/generate-ingress {:fqdns fqdns - :app-name (generate-app-name unique-name) - :ingress-name (generate-ingress-name unique-name) - :service-name (generate-service-name unique-name) - :service-port 80}))) - -(defn-spec generate-website-certificate pred/map-or-seq? - [config websiteconfig?] - (let [{:keys [unique-name issuer fqdns] - :or {issuer "staging"}} config] - (ing/generate-certificate {:fqdns fqdns - :app-name (generate-app-name unique-name) - :cert-name (generate-cert-name unique-name) - :issuer issuer}))) - -(defn-spec generate-website-build-cron pred/map-or-seq? - [config websiteconfig?] - (replace-build-data "website/website-build-cron.yaml" config)) - -(defn-spec generate-website-build-secret pred/map-or-seq? - [config websiteconfig? - auth websiteauth?] - (let [{:keys [gitea-host - gitea-repo - branchname]} config - {:keys [authtoken - username]} auth] - (-> - (replace-common-data "website/website-build-secret.yaml" config) - (cm/replace-all-matching-values-by-new-value "TOKEN" (b64/encode authtoken)) - (cm/replace-all-matching-values-by-new-value "REPOURL" (b64/encode - (generate-gitrepourl - gitea-host - gitea-repo - username - branchname))) - (cm/replace-all-matching-values-by-new-value "COMMITURL" (b64/encode - (generate-gitcommiturl - gitea-host - gitea-repo - username)))))) - diff --git a/src/test/cljc/dda/c4k_taiga/core_test.cljc b/src/test/cljc/dda/c4k_taiga/core_test.cljc index eb9da4e..0fbd619 100644 --- a/src/test/cljc/dda/c4k_taiga/core_test.cljc +++ b/src/test/cljc/dda/c4k_taiga/core_test.cljc @@ -5,7 +5,7 @@ :cljs [cljs.test :refer-macros [deftest is are testing run-tests]]) [clojure.spec.alpha :as s] [dda.c4k-common.yaml :as yaml] - [dda.c4k-website.core :as cut] + [dda.c4k-taiga.core :as cut] [clojure.spec.alpha :as s])) #?(:cljs @@ -18,104 +18,3 @@ (deftest validate-valid-resources (is (s/valid? cut/config? (yaml/load-as-edn "website-test/valid-config.yaml"))) (is (s/valid? cut/auth? (yaml/load-as-edn "website-test/valid-auth.yaml")))) - -(def websites1 - {:websites - [{:unique-name "example.io" - :fqdns ["example.org", "www.example.com"] - :gitea-host "finegitehost.net" - :gitea-repo "repo" - :branchname "main"} - {:unique-name "test.io" - :fqdns ["test.de" "test.org" "www.test.de" "www.test.org"] - :gitea-host "gitlab.de" - :gitea-repo "repo" - :branchname "main"}]}) - -(def websites2 - {:websites - [{:unique-name "test.io" - :fqdns ["test.de" "test.org" "www.test.de" "www.test.org"] - :gitea-host "gitlab.de" - :gitea-repo "repo" - :branchname "main"} - {:unique-name "example.io" - :fqdns ["example.org", "www.example.com"] - :gitea-host "finegitehost.net" - :gitea-repo "repo" - :branchname "main"}]}) - -(def auth1 - {:auth - [{:unique-name "example.io" - :username "someuser" - :authtoken "abedjgbasdodj"} - {:unique-name "test.io" - :username "someuser" - :authtoken "abedjgbasdodj"}]}) - -(def auth2 - {:auth - [{:unique-name "test.io" - :username "someuser" - :authtoken "abedjgbasdodj"} - {:unique-name "example.io" - :username "someuser" - :authtoken "abedjgbasdodj"}]}) - -(def flattened-and-reduced-config - {:unique-name "example.io", - :fqdns ["example.org" "www.example.com"], - :gitea-host "finegitehost.net", - :gitea-repo "repo", - :branchname "main"}) - -(def flattened-and-reduced-auth - {:unique-name "example.io", - :username "someuser", - :authtoken "abedjgbasdodj"}) - -(deftest sorts-config - (is (= {:issuer "staging", - :websites - [{:unique-name "example.io", - :fqdns ["example.org" "www.example.com"], - :gitea-host "finegitehost.net", - :gitea-repo "repo", - :branchname "main"}, - {:unique-name "test.io", - :fqdns ["test.de" "test.org" "www.test.de" "www.test.org"], - :gitea-host "gitlab.de", - :gitea-repo "repo", - :branchname "main", - :sha256sum-output "123456789ab123cd345de script-file-name.sh"}], - :mon-cfg {:grafana-cloud-url "url-for-your-prom-remote-write-endpoint", :cluster-name "jitsi", :cluster-stage "test"}} - (cut/sort-config - {:issuer "staging", - :websites - [{:unique-name "test.io", - :fqdns ["test.de" "test.org" "www.test.de" "www.test.org"], - :gitea-host "gitlab.de", - :gitea-repo "repo", - :branchname "main", - :sha256sum-output "123456789ab123cd345de script-file-name.sh"} - {:unique-name "example.io", - :fqdns ["example.org" "www.example.com"], - :gitea-host "finegitehost.net", - :gitea-repo "repo", - :branchname "main"}], - :mon-cfg {:grafana-cloud-url "url-for-your-prom-remote-write-endpoint", :cluster-name "jitsi", :cluster-stage "test"}})))) - -(deftest test-flatten-and-reduce-config - (is (= - flattened-and-reduced-config - (cut/flatten-and-reduce-config (cut/sort-config websites1)))) - (is (= - flattened-and-reduced-config - (cut/flatten-and-reduce-config (cut/sort-config websites2))))) - -(deftest test-flatten-and-reduce-auth - (is (= flattened-and-reduced-auth - (cut/flatten-and-reduce-auth (cut/sort-auth auth1)))) - (is (= flattened-and-reduced-auth - (cut/flatten-and-reduce-auth (cut/sort-auth auth2))))) diff --git a/src/test/cljc/dda/c4k_taiga/taiga_test.cljc b/src/test/cljc/dda/c4k_taiga/taiga_test.cljc new file mode 100644 index 0000000..72cfb9e --- /dev/null +++ b/src/test/cljc/dda/c4k_taiga/taiga_test.cljc @@ -0,0 +1,12 @@ +(ns dda.c4k-taiga.taiga-test + (:require + #?(:cljs [shadow.resource :as rc]) + #?(:clj [clojure.test :refer [deftest is are testing run-tests]] + :cljs [cljs.test :refer-macros [deftest is are testing run-tests]]) + [clojure.spec.alpha :as s] + [dda.c4k-common.yaml :as yaml] + [dda.c4k-taiga.core :as cut] + [clojure.spec.alpha :as s])) + +(deftest dummy-taiga-test + (is true)) \ No newline at end of file diff --git a/src/test/cljc/dda/c4k_taiga/website_test.cljc b/src/test/cljc/dda/c4k_taiga/website_test.cljc deleted file mode 100644 index f751d2b..0000000 --- a/src/test/cljc/dda/c4k_taiga/website_test.cljc +++ /dev/null @@ -1,223 +0,0 @@ -(ns dda.c4k-taiga.website-test - (:require - #?(:clj [clojure.test :refer [deftest is are testing run-tests]] - :cljs [cljs.test :refer-macros [deftest is are testing run-tests]]) - [clojure.spec.test.alpha :as st] - [dda.c4k-common.test-helper :as th] - [dda.c4k-common.base64 :as b64] - [dda.c4k-website.website :as cut] - [clojure.spec.alpha :as s])) - -(st/instrument `cut/generate-nginx-configmap) -(st/instrument `cut/generate-nginx-deployment) -(st/instrument `cut/generate-nginx-service) -(st/instrument `cut/generate-website-content-volume) -(st/instrument `cut/generate-hashfile-volume) -(st/instrument `cut/generate-website-ingress) -(st/instrument `cut/generate-website-certificate) -(st/instrument `cut/generate-website-build-cron) -(st/instrument `cut/generate-website-build-secret) - -(deftest should-generate-nginx-configmap-website - (is (= "server {\n listen 80 default_server;\n listen [::]:80 default_server;\n server_name test.de www.test.de test-it.de www.test-it.de;\n add_header Strict-Transport-Security 'max-age=31536000; includeSubDomains; preload'; \n add_header X-Frame-Options \"SAMEORIGIN\";\n add_header X-Content-Type-Options nosniff;\n add_header Referrer-Policy \"strict-origin\";\n # add_header Permissions-Policy \"permissions here\";\n root /var/www/html/website/;\n index index.html;\n location / {\n try_files $uri $uri/ /index.html =404;\n }\n}\n" - (:website.conf (:data (cut/generate-nginx-configmap {:unique-name "test.io", - :gitea-host "gitea.evilorg", - :gitea-repo "none", - :branchname "mablain", - :fqdns ["test.de" "www.test.de" "test-it.de" "www.test-it.de"]}))))) - (is (= "types {\n text/html html htm shtml;\n text/css css;\n text/xml xml rss;\n image/gif gif;\n image/jpeg jpeg jpg;\n application/x-javascript js;\n text/plain txt;\n text/x-component htc;\n text/mathml mml;\n image/svg+xml svg svgz;\n image/png png;\n image/x-icon ico;\n image/x-jng jng;\n image/vnd.wap.wbmp wbmp;\n application/java-archive jar war ear;\n application/mac-binhex40 hqx;\n application/pdf pdf;\n application/x-cocoa cco;\n application/x-java-archive-diff jardiff;\n application/x-java-jnlp-file jnlp;\n application/x-makeself run;\n application/x-perl pl pm;\n application/x-pilot prc pdb;\n application/x-rar-compressed rar;\n application/x-redhat-package-manager rpm;\n application/x-sea sea;\n application/x-shockwave-flash swf;\n application/x-stuffit sit;\n application/x-tcl tcl tk;\n application/x-x509-ca-cert der pem crt;\n application/x-xpinstall xpi;\n application/zip zip;\n application/octet-stream deb;\n application/octet-stream bin exe dll;\n application/octet-stream dmg;\n application/octet-stream eot;\n application/octet-stream iso img;\n application/octet-stream msi msp msm;\n audio/mpeg mp3;\n audio/x-realaudio ra;\n video/mpeg mpeg mpg;\n video/quicktime mov;\n video/x-flv flv;\n video/x-msvideo avi;\n video/x-ms-wmv wmv;\n video/x-ms-asf asx asf;\n video/x-mng mng;\n}\n" - (:mime.types (:data (cut/generate-nginx-configmap {:unique-name "test.io", - :gitea-host "gitea.evilorg", - :gitea-repo "none", - :branchname "mablain", - :fqdns ["test.de" "www.test.de" "test-it.de" "www.test-it.de"]}))))) - (is (= "user nginx;\nworker_processes 3;\nerror_log /var/log/nginx/error.log;\npid /var/log/nginx/nginx.pid;\nworker_rlimit_nofile 8192;\nevents {\n worker_connections 4096;\n}\nhttp {\n include /etc/nginx/mime.types;\n default_type application/octet-stream;\n log_format main '$remote_addr - $remote_user [$time_local] $status'\n '\"$request\" $body_bytes_sent \"$http_referer\"'\n '\"$http_user_agent\" \"$http_x_forwarded_for\"';\n access_log /var/log/nginx/access.log main;\n sendfile on;\n tcp_nopush on;\n keepalive_timeout 65;\n server_names_hash_bucket_size 128;\n include /etc/nginx/conf.d/website.conf;\n}\n" - (:nginx.conf (:data (cut/generate-nginx-configmap {:unique-name "test.io", - :gitea-host "gitea.evilorg", - :gitea-repo "none", - :branchname "mablain", - :fqdns ["test.de" "www.test.de" "test-it.de" "www.test-it.de"]}))))) - (is (= {:apiVersion "v1", - :kind "ConfigMap", - :metadata {:name "test-io-configmap", - :labels {:app.kubernetes.part-of "test-io-website"}, - :namespace "default"}} - (dissoc (cut/generate-nginx-configmap {:unique-name "test.io", - :gitea-host "gitea.evilorg", - :gitea-repo "none", - :branchname "mablain", - :fqdns ["test.de" "www.test.de" "test-it.de" "www.test-it.de"]}) :data)))) - -(deftest should-generate-nginx-deployment - (is (= {:apiVersion "apps/v1", - :kind "Deployment", - :metadata {:name "test-io-deployment", :labels {:app.kubernetes.part-of "test-io-website"}}, - :spec - {:replicas 1, - :selector {:matchLabels {:app "test-io-nginx"}}, - :template - {:metadata {:labels {:app "test-io-nginx"}}, - :spec - {:containers - [{:name "test-io-nginx", - :image "nginx:latest", - :imagePullPolicy "IfNotPresent", - :ports [{:containerPort 80}], - :volumeMounts - [{:mountPath "/etc/nginx", :readOnly true, :name "nginx-config-volume"} - {:mountPath "/var/log/nginx", :name "log"} - {:mountPath "/var/www/html/website", :name "content-volume", :readOnly true}]}], - :initContainers - [{:image "domaindrivenarchitecture/c4k-website-build", - :name "test-io-init-build-container", - :imagePullPolicy "IfNotPresent", - :resources {:requests {:cpu "500m", :memory "256Mi"}, :limits {:cpu "1700m", :memory "512Mi"}}, - :command ["/entrypoint.sh"], - :envFrom [{:secretRef {:name "test-io-secret"}}], - :env [{:name "SHA256SUM", :value "123456789ab123cd345de"} {:name "SCRIPTFILE", :value "script-file-name.sh"}], - :volumeMounts [{:name "content-volume", :mountPath "/var/www/html/website"} - {:name "hashfile-volume", :mountPath "/var/hashfile.d"}]}], - :volumes - [{:name "nginx-config-volume", - :configMap - {:name "test-io-configmap", - :items - [{:key "nginx.conf", :path "nginx.conf"} - {:key "website.conf", :path "conf.d/website.conf"} - {:key "mime.types", :path "mime.types"}]}} - {:name "log", :emptyDir {}} - {:name "content-volume", :persistentVolumeClaim {:claimName "test-io-content-volume"}} - {:name "hashfile-volume", :persistentVolumeClaim {:claimName "test-io-hashfile-volume"}}]}}}} - (cut/generate-nginx-deployment {:gitea-host "gitlab.de", - :fqdns ["test.de" "test.org" "www.test.de" "www.test.org"], - :gitea-repo "repo", - :sha256sum-output "123456789ab123cd345de script-file-name.sh", - :issuer "staging", - :branchname "main", - :unique-name "test.io"})))) - -(deftest should-generate-resource-requests - (is (= {:requests {:cpu "500m", :memory "256Mi"}, :limits {:cpu "1700m", :memory "512Mi"}} - (-> (cut/generate-nginx-deployment {:gitea-host "gitlab.de", - :fqdns ["test.de" "test.org" "www.test.de" "www.test.org"], - :gitea-repo "repo", - :sha256sum-output "123456789ab123cd345de script-file-name.sh", - :issuer "staging", - :branchname "main", - :unique-name "test.io"}) - :spec :template :spec :initContainers first :resources ))) - (is (= {:requests {:cpu "1500m", :memory "512Mi"}, :limits {:cpu "3000m", :memory "1024Mi"}} - (-> (cut/generate-nginx-deployment {:gitea-host "gitlab.de", - :fqdns ["test.de" "test.org" "www.test.de" "www.test.org"], - :gitea-repo "repo", - :sha256sum-output "123456789ab123cd345de script-file-name.sh", - :issuer "staging", - :branchname "main", - :unique-name "test.io" - :build-cpu-request "1500m" - :build-cpu-limit "3000m" - :build-memory-request "512Mi" - :build-memory-limit "1024Mi"}) - :spec :template :spec :initContainers first :resources)))) - -(deftest should-generate-nginx-service - (is (= {:name-c1 "test-io-service", - :name-c2 "test-org-service", - :app-c1 "test-io-nginx", - :app-c2 "test-org-nginx", - :app.kubernetes.part-of-c1 "test-io-website", - :app.kubernetes.part-of-c2 "test-org-website"} - (th/map-diff (cut/generate-nginx-service {:unique-name "test.io", - :gitea-host "gitea.evilorg", - :gitea-repo "none", - :branchname "mablain", - :fqdns ["test.de" "www.test.de" "test-it.de" "www.test-it.de"]}) - (cut/generate-nginx-service {:unique-name "test.org", - :gitea-host "gitea.evilorg", - :gitea-repo "none", - :branchname "mablain", - :fqdns ["test.de" "www.test.de" "test-it.de" "www.test-it.de"]}))))) - -(deftest should-generate-website-build-cron - (is (= {:apiVersion "batch/v1", - :kind "CronJob", - :metadata {:name "test-io-build-cron", :labels {:app.kubernetes.part-of "test-io-website"}}, - :spec - {:schedule "0/7 * * * *", - :successfulJobsHistoryLimit 1, - :failedJobsHistoryLimit 1, - :jobTemplate - {:spec - {:template - {:spec - {:containers - [{:image "domaindrivenarchitecture/c4k-website-build", - :name "test-io-build-app", - :imagePullPolicy "IfNotPresent", - :resources {:requests {:cpu "500m", :memory "256Mi"}, :limits {:cpu "1700m", :memory "512Mi"}}, - :command ["/entrypoint.sh"], - :envFrom [{:secretRef {:name "test-io-secret"}}], - :env [{:name "SHA256SUM", :value "123456789ab123cd345de"} {:name "SCRIPTFILE", :value "script-file-name.sh"}], - :volumeMounts [{:name "content-volume", :mountPath "/var/www/html/website"} - {:name "hashfile-volume", :mountPath "/var/hashfile.d"}]}], - :volumes [{:name "content-volume", :persistentVolumeClaim {:claimName "test-io-content-volume"}} - {:name "hashfile-volume", :persistentVolumeClaim {:claimName "test-io-hashfile-volume"}}], - :restartPolicy "OnFailure"}}}}}} - (cut/generate-website-build-cron {:gitea-host "gitlab.de", - :fqdns ["test.de" "test.org" "www.test.de" "www.test.org"], - :gitea-repo "repo", - :sha256sum-output "123456789ab123cd345de script-file-name.sh", - :issuer "staging", - :branchname "main", - :unique-name "test.io"})))) - -(deftest should-generate-website-build-secret - (is (= {:apiVersion "v1", - :kind "Secret", - :metadata {:name "test-io-secret", :labels {:app.kubernetes.part-of "test-io-website"}}, - :data - {:AUTHTOKEN "YWJlZGpnYmFzZG9kag==", - :GITREPOURL "aHR0cHM6Ly9naXRsYWIuZGUvYXBpL3YxL3JlcG9zL3NvbWV1c2VyL3JlcG8vYXJjaGl2ZS9tYWluLnppcA==", - :GITCOMMITURL "aHR0cHM6Ly9naXRsYWIuZGUvYXBpL3YxL3JlcG9zL3NvbWV1c2VyL3JlcG8vZ2l0L2NvbW1pdHMvSEVBRA=="}} - (cut/generate-website-build-secret {:fqdns ["test.de" "test.org" "www.test.de" "www.test.org"], - :gitea-repo "repo", - :sha256sum-output "123456789ab123cd345de script-file-name.sh", - :issuer "staging", - :branchname "main", - :unique-name "test.io", - :gitea-host "gitlab.de"} - {:unique-name "test.io", - :authtoken "abedjgbasdodj", - :username "someuser"})))) - -(deftest should-generate-website-content-volume - (is (= {:name-c1 "test-io-content-volume", - :name-c2 "test-org-content-volume", - :app-c1 "test-io-nginx", - :app-c2 "test-org-nginx", - :app.kubernetes.part-of-c1 "test-io-website", - :app.kubernetes.part-of-c2 "test-org-website"} - (th/map-diff (cut/generate-website-content-volume {:unique-name "test.io", - :gitea-host "gitea.evilorg", - :gitea-repo "none", - :branchname "mablain", - :fqdns ["test.de" "www.test.de" "test-it.de" "www.test-it.de"]}) - (cut/generate-website-content-volume {:unique-name "test.org", - :gitea-host "gitea.evilorg", - :gitea-repo "none", - :branchname "mablain", - :fqdns ["test.de" "www.test.de" "test-it.de" "www.test-it.de"]}))))) - -(deftest should-generate-hashfile-volume - (is (= {:apiVersion "v1", - :kind "PersistentVolumeClaim", - :metadata - {:name "test-io-hashfile-volume", - :namespace "default", - :labels {:app "test-io-nginx", :app.kubernetes.part-of "test-io-website"}}, - :spec {:storageClassName "local-path", :accessModes ["ReadWriteOnce"], :resources {:requests {:storage "16Mi"}}}} - (cut/generate-hashfile-volume {:unique-name "test.io", - :gitea-host "gitea.evilorg", - :gitea-repo "none", - :branchname "mablain", - :fqdns ["test.de" "www.test.de" "test-it.de" "www.test-it.de"]})))) From 2bd13d61fd894ea162871d439f54d63c3daccb59 Mon Sep 17 00:00:00 2001 From: bom Date: Thu, 24 Aug 2023 11:26:26 +0200 Subject: [PATCH 18/60] Remove website resources --- .../resources/website/hashfile-volume.yaml | 16 --- .../resources/website/nginx-configmap.yaml | 97 ------------------- .../resources/website/nginx-deployment.yaml | 76 --------------- src/main/resources/website/nginx-service.yaml | 15 --- .../resources/website/website-build-cron.yaml | 48 --------- .../website/website-build-secret.yaml | 10 -- .../website/website-content-volume.yaml | 16 --- 7 files changed, 278 deletions(-) delete mode 100644 src/main/resources/website/hashfile-volume.yaml delete mode 100644 src/main/resources/website/nginx-configmap.yaml delete mode 100644 src/main/resources/website/nginx-deployment.yaml delete mode 100644 src/main/resources/website/nginx-service.yaml delete mode 100644 src/main/resources/website/website-build-cron.yaml delete mode 100644 src/main/resources/website/website-build-secret.yaml delete mode 100644 src/main/resources/website/website-content-volume.yaml diff --git a/src/main/resources/website/hashfile-volume.yaml b/src/main/resources/website/hashfile-volume.yaml deleted file mode 100644 index 99f35db..0000000 --- a/src/main/resources/website/hashfile-volume.yaml +++ /dev/null @@ -1,16 +0,0 @@ -apiVersion: v1 -kind: PersistentVolumeClaim -metadata: - name: NAME-hashfile-volume - namespace: default - labels: - app: NAME-nginx - app.kubernetes.part-of: NAME-website -spec: - storageClassName: local-path - accessModes: - - ReadWriteOnce - resources: - requests: - storage: 16Mi - \ No newline at end of file diff --git a/src/main/resources/website/nginx-configmap.yaml b/src/main/resources/website/nginx-configmap.yaml deleted file mode 100644 index cd9a1dc..0000000 --- a/src/main/resources/website/nginx-configmap.yaml +++ /dev/null @@ -1,97 +0,0 @@ -apiVersion: v1 -kind: ConfigMap -metadata: - name: NAME-configmap - namespace: default - labels: - app.kubernetes.part-of: NAME-website -data: - nginx.conf: | - user nginx; - worker_processes 3; - error_log /var/log/nginx/error.log; - pid /var/log/nginx/nginx.pid; - worker_rlimit_nofile 8192; - events { - worker_connections 4096; - } - http { - include /etc/nginx/mime.types; - default_type application/octet-stream; - log_format main '$remote_addr - $remote_user [$time_local] $status' - '"$request" $body_bytes_sent "$http_referer"' - '"$http_user_agent" "$http_x_forwarded_for"'; - access_log /var/log/nginx/access.log main; - sendfile on; - tcp_nopush on; - keepalive_timeout 65; - server_names_hash_bucket_size 128; - include /etc/nginx/conf.d/website.conf; - } - mime.types: | - types { - text/html html htm shtml; - text/css css; - text/xml xml rss; - image/gif gif; - image/jpeg jpeg jpg; - application/x-javascript js; - text/plain txt; - text/x-component htc; - text/mathml mml; - image/svg+xml svg svgz; - image/png png; - image/x-icon ico; - image/x-jng jng; - image/vnd.wap.wbmp wbmp; - application/java-archive jar war ear; - application/mac-binhex40 hqx; - application/pdf pdf; - application/x-cocoa cco; - application/x-java-archive-diff jardiff; - application/x-java-jnlp-file jnlp; - application/x-makeself run; - application/x-perl pl pm; - application/x-pilot prc pdb; - application/x-rar-compressed rar; - application/x-redhat-package-manager rpm; - application/x-sea sea; - application/x-shockwave-flash swf; - application/x-stuffit sit; - application/x-tcl tcl tk; - application/x-x509-ca-cert der pem crt; - application/x-xpinstall xpi; - application/zip zip; - application/octet-stream deb; - application/octet-stream bin exe dll; - application/octet-stream dmg; - application/octet-stream eot; - application/octet-stream iso img; - application/octet-stream msi msp msm; - audio/mpeg mp3; - audio/x-realaudio ra; - video/mpeg mpeg mpg; - video/quicktime mov; - video/x-flv flv; - video/x-msvideo avi; - video/x-ms-wmv wmv; - video/x-ms-asf asx asf; - video/x-mng mng; - } - website.conf: | - server { - listen 80 default_server; - listen [::]:80 default_server; - server_name FQDN - add_header Strict-Transport-Security 'max-age=31536000; includeSubDomains; preload'; - add_header X-Frame-Options "SAMEORIGIN"; - add_header X-Content-Type-Options nosniff; - add_header Referrer-Policy "strict-origin"; - # add_header Permissions-Policy "permissions here"; - root /var/www/html/website/; - index index.html; - location / { - try_files $uri $uri/ /index.html =404; - } - } - \ No newline at end of file diff --git a/src/main/resources/website/nginx-deployment.yaml b/src/main/resources/website/nginx-deployment.yaml deleted file mode 100644 index 9133cd2..0000000 --- a/src/main/resources/website/nginx-deployment.yaml +++ /dev/null @@ -1,76 +0,0 @@ -apiVersion: apps/v1 -kind: Deployment -metadata: - name: NAME-deployment - labels: - app.kubernetes.part-of: NAME-website -spec: - replicas: 1 - selector: - matchLabels: - app: NAME-nginx - template: - metadata: - labels: - app: NAME-nginx - spec: - containers: - - name: NAME-nginx - image: nginx:latest - imagePullPolicy: IfNotPresent - ports: - - containerPort: 80 - volumeMounts: - - mountPath: /etc/nginx - readOnly: true - name: nginx-config-volume - - mountPath: /var/log/nginx - name: log - - mountPath: /var/www/html/website - name: content-volume - readOnly: true - initContainers: - - image: domaindrivenarchitecture/c4k-website-build - name: NAME-init-build-container - imagePullPolicy: IfNotPresent - resources: - requests: - cpu: BUILD_CPU_REQUEST - memory: BUILD_MEMORY_REQUEST - limits: - cpu: BUILD_CPU_LIMIT - memory: BUILD_MEMORY_LIMIT - command: ["/entrypoint.sh"] - envFrom: - - secretRef: - name: NAME-secret - env: - - name: SHA256SUM - value: CHECK_SUM - - name: SCRIPTFILE - value: SCRIPT_FILE - volumeMounts: - - name: content-volume - mountPath: /var/www/html/website - - name: hashfile-volume - mountPath: /var/hashfile.d - volumes: - - name: nginx-config-volume - configMap: - name: NAME-configmap - items: - - key: nginx.conf - path: nginx.conf - - key: website.conf - path: conf.d/website.conf - - key: mime.types - path: mime.types - - name: log - emptyDir: {} - - name: content-volume - persistentVolumeClaim: - claimName: NAME-content-volume - - name: hashfile-volume - persistentVolumeClaim: - claimName: NAME-hashfile-volume - \ No newline at end of file diff --git a/src/main/resources/website/nginx-service.yaml b/src/main/resources/website/nginx-service.yaml deleted file mode 100644 index 36ab954..0000000 --- a/src/main/resources/website/nginx-service.yaml +++ /dev/null @@ -1,15 +0,0 @@ -kind: Service -apiVersion: v1 -metadata: - name: NAME-service - labels: - app: NAME-nginx - app.kubernetes.part-of: NAME-website - namespace: default -spec: - selector: - app: NAME-nginx - ports: - - name: nginx-http - port: 80 - \ No newline at end of file diff --git a/src/main/resources/website/website-build-cron.yaml b/src/main/resources/website/website-build-cron.yaml deleted file mode 100644 index 1c79d09..0000000 --- a/src/main/resources/website/website-build-cron.yaml +++ /dev/null @@ -1,48 +0,0 @@ -apiVersion: batch/v1 -kind: CronJob -metadata: - name: NAME-build-cron - labels: - app.kubernetes.part-of: NAME-website -spec: - schedule: "0/7 * * * *" - successfulJobsHistoryLimit: 1 - failedJobsHistoryLimit: 1 - jobTemplate: - spec: - template: - spec: - containers: - - image: domaindrivenarchitecture/c4k-website-build - name: NAME-build-app - imagePullPolicy: IfNotPresent - resources: - requests: - cpu: BUILD_CPU_REQUEST - memory: BUILD_MEMORY_REQUEST - limits: - cpu: BUILD_CPU_LIMIT - memory: BUILD_MEMORY_LIMIT - command: ["/entrypoint.sh"] - envFrom: - - secretRef: - name: NAME-secret - env: - - name: SHA256SUM - value: CHECK_SUM - - name: SCRIPTFILE - value: SCRIPT_FILE - volumeMounts: - - name: content-volume - mountPath: /var/www/html/website - - name: hashfile-volume - mountPath: /var/hashfile.d - volumes: - - name: content-volume - persistentVolumeClaim: - claimName: NAME-content-volume - - name: hashfile-volume - persistentVolumeClaim: - claimName: NAME-hashfile-volume - restartPolicy: OnFailure - \ No newline at end of file diff --git a/src/main/resources/website/website-build-secret.yaml b/src/main/resources/website/website-build-secret.yaml deleted file mode 100644 index f173d46..0000000 --- a/src/main/resources/website/website-build-secret.yaml +++ /dev/null @@ -1,10 +0,0 @@ -apiVersion: v1 -kind: Secret -metadata: - name: NAME-secret - labels: - app.kubernetes.part-of: NAME-website -data: - AUTHTOKEN: TOKEN - GITREPOURL: REPOURL - GITCOMMITURL: COMMITURL diff --git a/src/main/resources/website/website-content-volume.yaml b/src/main/resources/website/website-content-volume.yaml deleted file mode 100644 index 4e6f130..0000000 --- a/src/main/resources/website/website-content-volume.yaml +++ /dev/null @@ -1,16 +0,0 @@ -apiVersion: v1 -kind: PersistentVolumeClaim -metadata: - name: NAME-content-volume - namespace: default - labels: - app: NAME-nginx - app.kubernetes.part-of: NAME-website -spec: - storageClassName: local-path - accessModes: - - ReadWriteOnce - resources: - requests: - storage: WEBSITESTORAGESIZE - \ No newline at end of file From 04d69a930b6035e3c13ae054776bb0ede976f236 Mon Sep 17 00:00:00 2001 From: bom Date: Thu, 24 Aug 2023 11:49:41 +0200 Subject: [PATCH 19/60] Generate common files c4k-common --- src/main/cljc/dda/c4k_taiga/core.cljc | 33 +++++------- src/main/cljc/dda/c4k_taiga/taiga.cljc | 35 ++++++++++++- src/main/resources/taiga/certificate.yaml | 18 ------- src/main/resources/taiga/config-8gb.yaml | 12 ----- src/main/resources/taiga/deployment.yaml | 51 ------------------- src/main/resources/taiga/ingress.yaml | 27 ---------- .../resources/taiga/persistent-volume.yaml | 14 ----- src/main/resources/taiga/pvc.yaml | 13 ----- src/main/resources/taiga/secret.yaml | 8 --- src/main/resources/taiga/service.yaml | 9 ---- src/test/cljc/dda/c4k_taiga/core_test.cljc | 6 +-- 11 files changed, 49 insertions(+), 177 deletions(-) delete mode 100644 src/main/resources/taiga/certificate.yaml delete mode 100644 src/main/resources/taiga/config-8gb.yaml delete mode 100644 src/main/resources/taiga/deployment.yaml delete mode 100644 src/main/resources/taiga/ingress.yaml delete mode 100644 src/main/resources/taiga/persistent-volume.yaml delete mode 100644 src/main/resources/taiga/pvc.yaml delete mode 100644 src/main/resources/taiga/secret.yaml delete mode 100644 src/main/resources/taiga/service.yaml diff --git a/src/main/cljc/dda/c4k_taiga/core.cljc b/src/main/cljc/dda/c4k_taiga/core.cljc index 402b086..5a1a769 100644 --- a/src/main/cljc/dda/c4k_taiga/core.cljc +++ b/src/main/cljc/dda/c4k_taiga/core.cljc @@ -7,33 +7,28 @@ [dda.c4k-common.common :as cm] [dda.c4k-common.predicate :as cp] [dda.c4k-common.monitoring :as mon] - [dda.c4k-taiga.taiga :as taiga])) + [dda.c4k-taiga.taiga :as taiga] + [dda.c4k-common.postgres :as postgres])) -(def config-defaults {:issuer "staging" - :volume-size "3"}) +(def default-storage-class :local-path) -(s/def ::mon-cfg ::mon/mon-cfg) -(s/def ::mon-auth ::mon/mon-auth) - -; ToDo -(def config? (s/keys :req-un [] - :opt-un [::mon-cfg])) - -; ToDo -(def auth? (s/keys :req-un [] - :opt-un [::mon-auth])) - -; ToDo: -(defn generate-configs [config auth]) +(def config? taiga/config?) +(def auth? taiga/auth?) (defn-spec k8s-objects cp/map-or-seq? - [config config? - auth auth?] + [config taiga/config? + auth taiga/auth?] (cm/concat-vec (map yaml/to-string (filter #(not (nil? %)) (cm/concat-vec - (generate-configs config auth) + [(postgres/generate-config {:postgres-size :8gb :db-name "taiga"}) + (postgres/generate-secret auth) + (postgres/generate-pvc {:pv-storage-size-gb 50 + :pvc-storage-class-name default-storage-class}) + (postgres/generate-deployment) + (postgres/generate-service)] + (taiga/generate-ingress-and-cert) (when (:contains? config :mon-cfg) (mon/generate (:mon-cfg config) (:mon-auth auth)))))))) diff --git a/src/main/cljc/dda/c4k_taiga/taiga.cljc b/src/main/cljc/dda/c4k_taiga/taiga.cljc index 62cae82..d5f2872 100644 --- a/src/main/cljc/dda/c4k_taiga/taiga.cljc +++ b/src/main/cljc/dda/c4k_taiga/taiga.cljc @@ -9,6 +9,37 @@ [dda.c4k-common.yaml :as yaml] [dda.c4k-common.common :as cm] [dda.c4k-common.base64 :as b64] - [dda.c4k-common.predicate :as pred] + [dda.c4k-common.predicate :as cp] + [dda.c4k-common.monitoring :as mon] + [dda.c4k-common.postgres :as postgres] [dda.c4k-common.ingress :as ing] - [clojure.string :as str])) \ No newline at end of file + [clojure.string :as str])) + + +(def config-defaults {:issuer "staging" + :volume-size "3"}) + +(s/def ::mon-cfg ::mon/mon-cfg) +(s/def ::mon-auth ::mon/mon-auth) + +(s/def ::fqdn cp/fqdn-string?) +(s/def ::issuer cp/letsencrypt-issuer?) +; TODO: Passwords + +(def config? (s/keys :req-un [::fqdn] + :opt-un [::issuer + ::pv-storage-size-gb + ::pvc-storage-class-name + ::mon-cfg])) + +(def auth? (s/keys :req-un [::postgres/postgres-db-user ::postgres/postgres-db-password] + :opt-un [::mon-auth])) + + +(defn-spec generate-ingress-and-cert cp/map-or-seq? + [config config?] + (ing/generate-ingress-and-cert + (merge + {:service-name "taiga" + :service-port 80} + config))) \ No newline at end of file diff --git a/src/main/resources/taiga/certificate.yaml b/src/main/resources/taiga/certificate.yaml deleted file mode 100644 index 89bc752..0000000 --- a/src/main/resources/taiga/certificate.yaml +++ /dev/null @@ -1,18 +0,0 @@ -apiVersion: cert-manager.io/v1 -kind: Certificate -metadata: - name: c4k-common-cert - labels: - app.kubernetes.part-of: c4k-common-app - namespace: default -spec: - secretName: c4k-common-cert - commonName: taiga.test.meissa.de - duration: 2160h # 90d - renewBefore: 720h # 30d - dnsNames: - - taiga.test.meissa.de - issuerRef: - name: staging - kind: ClusterIssuer - \ No newline at end of file diff --git a/src/main/resources/taiga/config-8gb.yaml b/src/main/resources/taiga/config-8gb.yaml deleted file mode 100644 index 07e3c06..0000000 --- a/src/main/resources/taiga/config-8gb.yaml +++ /dev/null @@ -1,12 +0,0 @@ -apiVersion: v1 -kind: ConfigMap -metadata: - name: postgres-config - labels: - app: postgres -data: - postgres-db: postgres - postgresql.conf: | - max_connections = 700 - work_mem = 3MB - shared_buffers = 2048MB diff --git a/src/main/resources/taiga/deployment.yaml b/src/main/resources/taiga/deployment.yaml deleted file mode 100644 index 5b4bb4d..0000000 --- a/src/main/resources/taiga/deployment.yaml +++ /dev/null @@ -1,51 +0,0 @@ -apiVersion: apps/v1 -kind: Deployment -metadata: - name: postgresql -spec: - selector: - matchLabels: - app: postgresql - strategy: - type: Recreate - template: - metadata: - labels: - app: postgresql - spec: - containers: - - image: postgres - name: postgresql - env: - - name: POSTGRES_USER - valueFrom: - secretKeyRef: - name: postgres-secret - key: postgres-user - - name: POSTGRES_PASSWORD - valueFrom: - secretKeyRef: - name: postgres-secret - key: postgres-password - - name: POSTGRES_DB - valueFrom: - configMapKeyRef: - name: postgres-config - key: postgres-db - ports: - - containerPort: 5432 - name: postgresql - volumeMounts: - - name: postgres-config-volume - mountPath: /etc/postgresql/postgresql.conf - subPath: postgresql.conf - readOnly: true - - name: postgre-data-volume - mountPath: /var/lib/postgresql/data - volumes: - - name: postgres-config-volume - configMap: - name: postgres-config - - name: postgre-data-volume - persistentVolumeClaim: - claimName: postgres-claim diff --git a/src/main/resources/taiga/ingress.yaml b/src/main/resources/taiga/ingress.yaml deleted file mode 100644 index 4a563ac..0000000 --- a/src/main/resources/taiga/ingress.yaml +++ /dev/null @@ -1,27 +0,0 @@ -apiVersion: networking.k8s.io/v1 -kind: Ingress -metadata: - name: c4k-common-https-ingress - namespace: default - labels: - app.kubernetes.part-of: c4k-common-app - annotations: - traefik.ingress.kubernetes.io/router.entrypoints: web, websecure - traefik.ingress.kubernetes.io/router.middlewares: default-redirect-https@kubernetescrd - metallb.universe.tf/address-pool: public -spec: - tls: - - hosts: - - taiga.test.meissa.de - secretName: c4k-common-cert - rules: - - host: taiga.test.meissa.de - http: - paths: - - pathType: Prefix - path: "/" - backend: - service: - name: taiga-gateway - port: - number: 80 diff --git a/src/main/resources/taiga/persistent-volume.yaml b/src/main/resources/taiga/persistent-volume.yaml deleted file mode 100644 index d811805..0000000 --- a/src/main/resources/taiga/persistent-volume.yaml +++ /dev/null @@ -1,14 +0,0 @@ -kind: PersistentVolume -apiVersion: v1 -metadata: - name: postgres-pv-volume - labels: - type: local -spec: - storageClassName: local-path - accessModes: - - ReadWriteOnce - capacity: - storage: 10Gi - hostPath: - path: "/var/postgres" \ No newline at end of file diff --git a/src/main/resources/taiga/pvc.yaml b/src/main/resources/taiga/pvc.yaml deleted file mode 100644 index 5f8ab88..0000000 --- a/src/main/resources/taiga/pvc.yaml +++ /dev/null @@ -1,13 +0,0 @@ -apiVersion: v1 -kind: PersistentVolumeClaim -metadata: - name: postgres-claim - labels: - app: postgres -spec: - storageClassName: local-path - accessModes: - - ReadWriteOnce - resources: - requests: - storage: 8Gi \ No newline at end of file diff --git a/src/main/resources/taiga/secret.yaml b/src/main/resources/taiga/secret.yaml deleted file mode 100644 index 8b368c4..0000000 --- a/src/main/resources/taiga/secret.yaml +++ /dev/null @@ -1,8 +0,0 @@ -apiVersion: v1 -kind: Secret -metadata: - name: postgres-secret -type: Opaque -data: - postgres-user: "cHNxbC11c2Vy" - postgres-password: "ZGZnc2RoNDU2NzdzZGZnc2RmZw==" diff --git a/src/main/resources/taiga/service.yaml b/src/main/resources/taiga/service.yaml deleted file mode 100644 index d67fea1..0000000 --- a/src/main/resources/taiga/service.yaml +++ /dev/null @@ -1,9 +0,0 @@ -apiVersion: v1 -kind: Service -metadata: - name: postgresql-service -spec: - selector: - app: postgresql - ports: - - port: 5432 diff --git a/src/test/cljc/dda/c4k_taiga/core_test.cljc b/src/test/cljc/dda/c4k_taiga/core_test.cljc index 0fbd619..a771259 100644 --- a/src/test/cljc/dda/c4k_taiga/core_test.cljc +++ b/src/test/cljc/dda/c4k_taiga/core_test.cljc @@ -11,10 +11,8 @@ #?(:cljs (defmethod yaml/load-resource :website-test [resource-name] (case resource-name - "website-test/valid-auth.yaml" (rc/inline "website-test/valid-auth.yaml") - "website-test/valid-config.yaml" (rc/inline "website-test/valid-config.yaml") (throw (js/Error. "Undefined Resource!"))))) (deftest validate-valid-resources - (is (s/valid? cut/config? (yaml/load-as-edn "website-test/valid-config.yaml"))) - (is (s/valid? cut/auth? (yaml/load-as-edn "website-test/valid-auth.yaml")))) + ;(is (s/valid? cut/config? (yaml/load-as-edn "website-test/valid-config.yaml"))) + ) From 852055ad9d135c35391e4b863210acbc38be4632 Mon Sep 17 00:00:00 2001 From: bom Date: Thu, 24 Aug 2023 13:44:00 +0200 Subject: [PATCH 20/60] Remove "taiga-" prefix --- .../{taiga-async-deployment.yaml => async-deployment.yaml} | 5 ++--- ...bbitmq-deployment.yaml => async-rabbitmq-deployment.yaml} | 0 ...ync-rabbitmq-service.yaml => async-rabbitmq-service.yaml} | 0 .../taiga/{taiga-async-service.yaml => async-service.yaml} | 0 .../{taiga-back-deployment.yaml => back-deployment.yaml} | 0 .../taiga/{taiga-back-service.yaml => back-service.yaml} | 0 .../resources/taiga/{taiga-configmap.yaml => configmap.yaml} | 0 .../resources/taiga/{taiga-data-pvcs.yaml => data-pvcs.yaml} | 0 .../{taiga-events-deployment.yaml => events-deployment.yaml} | 0 ...bitmq-deployment.yaml => events-rabbitmq-deployment.yaml} | 0 ...ts-rabbitmq-service.yaml => events-rabbitmq-service.yaml} | 0 .../taiga/{taiga-events-service.yaml => events-service.yaml} | 0 .../{taiga-front-deployment.yaml => front-deployment.yaml} | 0 .../taiga/{taiga-front-service.yaml => front-service.yaml} | 0 .../{taiga-gateway-configmap.yaml => gateway-configmap.yaml} | 0 ...taiga-gateway-deployment.yaml => gateway-deployment.yaml} | 0 .../{taiga-gateway-service.yaml => gateway-service.yaml} | 0 ...a-protected-deployment.yaml => protected-deployment.yaml} | 0 .../{taiga-protected-service.yaml => protected-service.yaml} | 0 .../taiga/{taiga-rabbitmq-pvc.yaml => rabbitmq-pvc.yaml} | 0 src/main/resources/taiga/{taiga-secret.yaml => secret.yaml} | 0 21 files changed, 2 insertions(+), 3 deletions(-) rename src/main/resources/taiga/{taiga-async-deployment.yaml => async-deployment.yaml} (96%) rename src/main/resources/taiga/{taiga-async-rabbitmq-deployment.yaml => async-rabbitmq-deployment.yaml} (100%) rename src/main/resources/taiga/{taiga-async-rabbitmq-service.yaml => async-rabbitmq-service.yaml} (100%) rename src/main/resources/taiga/{taiga-async-service.yaml => async-service.yaml} (100%) rename src/main/resources/taiga/{taiga-back-deployment.yaml => back-deployment.yaml} (100%) rename src/main/resources/taiga/{taiga-back-service.yaml => back-service.yaml} (100%) rename src/main/resources/taiga/{taiga-configmap.yaml => configmap.yaml} (100%) rename src/main/resources/taiga/{taiga-data-pvcs.yaml => data-pvcs.yaml} (100%) rename src/main/resources/taiga/{taiga-events-deployment.yaml => events-deployment.yaml} (100%) rename src/main/resources/taiga/{taiga-events-rabbitmq-deployment.yaml => events-rabbitmq-deployment.yaml} (100%) rename src/main/resources/taiga/{taiga-events-rabbitmq-service.yaml => events-rabbitmq-service.yaml} (100%) rename src/main/resources/taiga/{taiga-events-service.yaml => events-service.yaml} (100%) rename src/main/resources/taiga/{taiga-front-deployment.yaml => front-deployment.yaml} (100%) rename src/main/resources/taiga/{taiga-front-service.yaml => front-service.yaml} (100%) rename src/main/resources/taiga/{taiga-gateway-configmap.yaml => gateway-configmap.yaml} (100%) rename src/main/resources/taiga/{taiga-gateway-deployment.yaml => gateway-deployment.yaml} (100%) rename src/main/resources/taiga/{taiga-gateway-service.yaml => gateway-service.yaml} (100%) rename src/main/resources/taiga/{taiga-protected-deployment.yaml => protected-deployment.yaml} (100%) rename src/main/resources/taiga/{taiga-protected-service.yaml => protected-service.yaml} (100%) rename src/main/resources/taiga/{taiga-rabbitmq-pvc.yaml => rabbitmq-pvc.yaml} (100%) rename src/main/resources/taiga/{taiga-secret.yaml => secret.yaml} (100%) diff --git a/src/main/resources/taiga/taiga-async-deployment.yaml b/src/main/resources/taiga/async-deployment.yaml similarity index 96% rename from src/main/resources/taiga/taiga-async-deployment.yaml rename to src/main/resources/taiga/async-deployment.yaml index 448ca4a..84e6f26 100644 --- a/src/main/resources/taiga/taiga-async-deployment.yaml +++ b/src/main/resources/taiga/async-deployment.yaml @@ -4,13 +4,13 @@ metadata: name: taiga-async-deployment labels: app.kubernetes.part-of: c4k-taiga - app.kubernetes.io/component: taiga-async + app.kubernetes.io/component: taiga-async spec: replicas: 1 selector: matchLabels: app: taiga - template: + template: metadata: labels: app: taiga @@ -55,7 +55,6 @@ spec: value: "postgresql-service" - name: POSTGRES_PORT value: "5432" - volumes: - name: taiga-static persistentVolumeClaim: diff --git a/src/main/resources/taiga/taiga-async-rabbitmq-deployment.yaml b/src/main/resources/taiga/async-rabbitmq-deployment.yaml similarity index 100% rename from src/main/resources/taiga/taiga-async-rabbitmq-deployment.yaml rename to src/main/resources/taiga/async-rabbitmq-deployment.yaml diff --git a/src/main/resources/taiga/taiga-async-rabbitmq-service.yaml b/src/main/resources/taiga/async-rabbitmq-service.yaml similarity index 100% rename from src/main/resources/taiga/taiga-async-rabbitmq-service.yaml rename to src/main/resources/taiga/async-rabbitmq-service.yaml diff --git a/src/main/resources/taiga/taiga-async-service.yaml b/src/main/resources/taiga/async-service.yaml similarity index 100% rename from src/main/resources/taiga/taiga-async-service.yaml rename to src/main/resources/taiga/async-service.yaml diff --git a/src/main/resources/taiga/taiga-back-deployment.yaml b/src/main/resources/taiga/back-deployment.yaml similarity index 100% rename from src/main/resources/taiga/taiga-back-deployment.yaml rename to src/main/resources/taiga/back-deployment.yaml diff --git a/src/main/resources/taiga/taiga-back-service.yaml b/src/main/resources/taiga/back-service.yaml similarity index 100% rename from src/main/resources/taiga/taiga-back-service.yaml rename to src/main/resources/taiga/back-service.yaml diff --git a/src/main/resources/taiga/taiga-configmap.yaml b/src/main/resources/taiga/configmap.yaml similarity index 100% rename from src/main/resources/taiga/taiga-configmap.yaml rename to src/main/resources/taiga/configmap.yaml diff --git a/src/main/resources/taiga/taiga-data-pvcs.yaml b/src/main/resources/taiga/data-pvcs.yaml similarity index 100% rename from src/main/resources/taiga/taiga-data-pvcs.yaml rename to src/main/resources/taiga/data-pvcs.yaml diff --git a/src/main/resources/taiga/taiga-events-deployment.yaml b/src/main/resources/taiga/events-deployment.yaml similarity index 100% rename from src/main/resources/taiga/taiga-events-deployment.yaml rename to src/main/resources/taiga/events-deployment.yaml diff --git a/src/main/resources/taiga/taiga-events-rabbitmq-deployment.yaml b/src/main/resources/taiga/events-rabbitmq-deployment.yaml similarity index 100% rename from src/main/resources/taiga/taiga-events-rabbitmq-deployment.yaml rename to src/main/resources/taiga/events-rabbitmq-deployment.yaml diff --git a/src/main/resources/taiga/taiga-events-rabbitmq-service.yaml b/src/main/resources/taiga/events-rabbitmq-service.yaml similarity index 100% rename from src/main/resources/taiga/taiga-events-rabbitmq-service.yaml rename to src/main/resources/taiga/events-rabbitmq-service.yaml diff --git a/src/main/resources/taiga/taiga-events-service.yaml b/src/main/resources/taiga/events-service.yaml similarity index 100% rename from src/main/resources/taiga/taiga-events-service.yaml rename to src/main/resources/taiga/events-service.yaml diff --git a/src/main/resources/taiga/taiga-front-deployment.yaml b/src/main/resources/taiga/front-deployment.yaml similarity index 100% rename from src/main/resources/taiga/taiga-front-deployment.yaml rename to src/main/resources/taiga/front-deployment.yaml diff --git a/src/main/resources/taiga/taiga-front-service.yaml b/src/main/resources/taiga/front-service.yaml similarity index 100% rename from src/main/resources/taiga/taiga-front-service.yaml rename to src/main/resources/taiga/front-service.yaml diff --git a/src/main/resources/taiga/taiga-gateway-configmap.yaml b/src/main/resources/taiga/gateway-configmap.yaml similarity index 100% rename from src/main/resources/taiga/taiga-gateway-configmap.yaml rename to src/main/resources/taiga/gateway-configmap.yaml diff --git a/src/main/resources/taiga/taiga-gateway-deployment.yaml b/src/main/resources/taiga/gateway-deployment.yaml similarity index 100% rename from src/main/resources/taiga/taiga-gateway-deployment.yaml rename to src/main/resources/taiga/gateway-deployment.yaml diff --git a/src/main/resources/taiga/taiga-gateway-service.yaml b/src/main/resources/taiga/gateway-service.yaml similarity index 100% rename from src/main/resources/taiga/taiga-gateway-service.yaml rename to src/main/resources/taiga/gateway-service.yaml diff --git a/src/main/resources/taiga/taiga-protected-deployment.yaml b/src/main/resources/taiga/protected-deployment.yaml similarity index 100% rename from src/main/resources/taiga/taiga-protected-deployment.yaml rename to src/main/resources/taiga/protected-deployment.yaml diff --git a/src/main/resources/taiga/taiga-protected-service.yaml b/src/main/resources/taiga/protected-service.yaml similarity index 100% rename from src/main/resources/taiga/taiga-protected-service.yaml rename to src/main/resources/taiga/protected-service.yaml diff --git a/src/main/resources/taiga/taiga-rabbitmq-pvc.yaml b/src/main/resources/taiga/rabbitmq-pvc.yaml similarity index 100% rename from src/main/resources/taiga/taiga-rabbitmq-pvc.yaml rename to src/main/resources/taiga/rabbitmq-pvc.yaml diff --git a/src/main/resources/taiga/taiga-secret.yaml b/src/main/resources/taiga/secret.yaml similarity index 100% rename from src/main/resources/taiga/taiga-secret.yaml rename to src/main/resources/taiga/secret.yaml From b0710834258d1d44ef5a6a59d300d08971411cae Mon Sep 17 00:00:00 2001 From: bom Date: Thu, 24 Aug 2023 13:46:07 +0200 Subject: [PATCH 21/60] Fix Service selector labels --- src/main/resources/taiga/async-rabbitmq-service.yaml | 2 +- src/main/resources/taiga/async-service.yaml | 2 +- src/main/resources/taiga/back-service.yaml | 2 +- src/main/resources/taiga/events-rabbitmq-service.yaml | 2 +- src/main/resources/taiga/events-service.yaml | 2 +- src/main/resources/taiga/front-service.yaml | 2 +- src/main/resources/taiga/gateway-service.yaml | 2 +- src/main/resources/taiga/protected-service.yaml | 2 +- 8 files changed, 8 insertions(+), 8 deletions(-) diff --git a/src/main/resources/taiga/async-rabbitmq-service.yaml b/src/main/resources/taiga/async-rabbitmq-service.yaml index dc8a1e1..91950d4 100644 --- a/src/main/resources/taiga/async-rabbitmq-service.yaml +++ b/src/main/resources/taiga/async-rabbitmq-service.yaml @@ -9,7 +9,7 @@ metadata: spec: type: ClusterIP selector: - app.kubernetes.io/component: taiga-async-rabbitmq + app: taiga ports: - name: amqp targetPort: amqp diff --git a/src/main/resources/taiga/async-service.yaml b/src/main/resources/taiga/async-service.yaml index b9176af..5ce1ceb 100644 --- a/src/main/resources/taiga/async-service.yaml +++ b/src/main/resources/taiga/async-service.yaml @@ -9,7 +9,7 @@ metadata: spec: type: ClusterIP selector: - app.kubernetes.io/component: taiga-async + app: taiga ports: - name: http targetPort: http diff --git a/src/main/resources/taiga/back-service.yaml b/src/main/resources/taiga/back-service.yaml index 369ed4a..3c6db7a 100644 --- a/src/main/resources/taiga/back-service.yaml +++ b/src/main/resources/taiga/back-service.yaml @@ -9,7 +9,7 @@ metadata: spec: type: ClusterIP selector: - app.kubernetes.io/component: taiga-back + app: taiga ports: - name: http targetPort: http diff --git a/src/main/resources/taiga/events-rabbitmq-service.yaml b/src/main/resources/taiga/events-rabbitmq-service.yaml index 2f542fc..ce86f13 100644 --- a/src/main/resources/taiga/events-rabbitmq-service.yaml +++ b/src/main/resources/taiga/events-rabbitmq-service.yaml @@ -9,7 +9,7 @@ metadata: spec: type: ClusterIP selector: - app.kubernetes.io/component: taiga-events-rabbitmq + app: taiga ports: - name: amqp targetPort: amqp diff --git a/src/main/resources/taiga/events-service.yaml b/src/main/resources/taiga/events-service.yaml index 4ec0f51..37dd8aa 100644 --- a/src/main/resources/taiga/events-service.yaml +++ b/src/main/resources/taiga/events-service.yaml @@ -9,7 +9,7 @@ metadata: spec: type: ClusterIP selector: - app.kubernetes.io/component: taiga-events + app: taiga ports: - name: http targetPort: http diff --git a/src/main/resources/taiga/front-service.yaml b/src/main/resources/taiga/front-service.yaml index d586429..97dcfb2 100644 --- a/src/main/resources/taiga/front-service.yaml +++ b/src/main/resources/taiga/front-service.yaml @@ -9,7 +9,7 @@ metadata: spec: type: ClusterIP selector: - app.kubernetes.io/component: taiga-front + app: taiga ports: - name: http targetPort: http diff --git a/src/main/resources/taiga/gateway-service.yaml b/src/main/resources/taiga/gateway-service.yaml index 441dedf..7387138 100644 --- a/src/main/resources/taiga/gateway-service.yaml +++ b/src/main/resources/taiga/gateway-service.yaml @@ -9,7 +9,7 @@ metadata: spec: type: ClusterIP selector: - app.kubernetes.io/component: taiga-gateway + app: taiga ports: - name: http targetPort: http diff --git a/src/main/resources/taiga/protected-service.yaml b/src/main/resources/taiga/protected-service.yaml index 268d444..ab2fdc9 100644 --- a/src/main/resources/taiga/protected-service.yaml +++ b/src/main/resources/taiga/protected-service.yaml @@ -9,7 +9,7 @@ metadata: spec: type: ClusterIP selector: - app.kubernetes.io/component: taiga-protected + app: taiga ports: - name: http targetPort: http From 2f068104c8f4d839a97591ecfad9513fb970dcc4 Mon Sep 17 00:00:00 2001 From: bom Date: Thu, 24 Aug 2023 14:25:21 +0200 Subject: [PATCH 22/60] Add skeleton generation functions --- src/main/cljc/dda/c4k_taiga/core.cljc | 23 ++++++- src/main/cljc/dda/c4k_taiga/taiga.cljc | 93 +++++++++++++++++++++++++- 2 files changed, 114 insertions(+), 2 deletions(-) diff --git a/src/main/cljc/dda/c4k_taiga/core.cljc b/src/main/cljc/dda/c4k_taiga/core.cljc index 5a1a769..baa529d 100644 --- a/src/main/cljc/dda/c4k_taiga/core.cljc +++ b/src/main/cljc/dda/c4k_taiga/core.cljc @@ -28,7 +28,28 @@ (postgres/generate-pvc {:pv-storage-size-gb 50 :pvc-storage-class-name default-storage-class}) (postgres/generate-deployment) - (postgres/generate-service)] + (postgres/generate-service) + ; TODO: Add configuration and authentication to relevant calls + (taiga/generate-async-rabbitmq-deployment) + (taiga/generate-async-rabbitmq-service) + (taiga/generate-async-service) + (taiga/generate-back-deployment) + (taiga/generate-back-service) + (taiga/generate-configmap) + (taiga/generate-data-pvcs) + (taiga/generate-events-deployment) + (taiga/generate-events-rabbitmq-deployment) + (taiga/generate-events-rabbitmq-service) + (taiga/generate-events-service) + (taiga/generate-front-deployment) + (taiga/generate-front-service) + (taiga/generate-gateway-configmap) + (taiga/generate-gateway-deployment) + (taiga/generate-gateway-service) + (taiga/generate-protected-deployment) + (taiga/generate-protected-service) + (taiga/generate-rabbitmq-pvc) + (taiga/generate-secret)] (taiga/generate-ingress-and-cert) (when (:contains? config :mon-cfg) (mon/generate (:mon-cfg config) (:mon-auth auth)))))))) diff --git a/src/main/cljc/dda/c4k_taiga/taiga.cljc b/src/main/cljc/dda/c4k_taiga/taiga.cljc index d5f2872..831c0ef 100644 --- a/src/main/cljc/dda/c4k_taiga/taiga.cljc +++ b/src/main/cljc/dda/c4k_taiga/taiga.cljc @@ -36,10 +36,101 @@ :opt-un [::mon-auth])) +#?(:cljs + (defmethod yaml/load-resource :taiga [resource-name] + (case resource-name + "taiga/events-rabbitmq-deployment.yaml" (rc/inline "taiga/events-rabbitmq-deployment.yaml") + "taiga/gateway-deployment.yaml" (rc/inline "taiga/gateway-deployment.yaml") + "taiga/protected-deployment.yaml" (rc/inline "taiga/protected-deployment.yaml") + "taiga/gateway-configmap.yaml" (rc/inline "taiga/gateway-configmap.yaml") + "taiga/configmap.yaml" (rc/inline "taiga/configmap.yaml") + "taiga/async-service.yaml" (rc/inline "taiga/async-service.yaml") + "taiga/events-deployment.yaml" (rc/inline "taiga/events-deployment.yaml") + "taiga/async-deployment.yaml" (rc/inline "taiga/async-deployment.yaml") + "taiga/back-deployment.yaml" (rc/inline "taiga/back-deployment.yaml") + "taiga/front-deployment.yaml" (rc/inline "taiga/front-deployment.yaml") + "taiga/front-service.yaml" (rc/inline "taiga/front-service.yaml") + "taiga/gateway-service.yaml" (rc/inline "taiga/gateway-service.yaml") + "taiga/data-pvcs.yaml" (rc/inline "taiga/data-pvcs.yaml") + "taiga/async-rabbitmq-deployment.yaml" (rc/inline "taiga/async-rabbitmq-deployment.yaml") + "taiga/protected-service.yaml" (rc/inline "taiga/protected-service.yaml") + "taiga/secret.yaml" (rc/inline "taiga/secret.yaml") + "taiga/async-rabbitmq-service.yaml" (rc/inline "taiga/async-rabbitmq-service.yaml") + "taiga/events-service.yaml" (rc/inline "taiga/events-service.yaml") + "taiga/back-service.yaml" (rc/inline "taiga/back-service.yaml") + "taiga/events-rabbitmq-service.yaml" (rc/inline "taiga/events-rabbitmq-service.yaml") + "taiga/rabbitmq-pvc.yaml" (rc/inline "taiga/rabbitmq-pvc.yaml") + (throw (js/Error. "Undefined Resource!"))))) + (defn-spec generate-ingress-and-cert cp/map-or-seq? [config config?] (ing/generate-ingress-and-cert (merge {:service-name "taiga" :service-port 80} - config))) \ No newline at end of file + config))) + +; TODO: Check which ones need configuration or authentication information +(defn-spec generate-events-rabbitmq-deployment cp/map-or-seq? [] + (yaml/from-string (yaml/load-resource "taiga/events-rabbitmq-deployment.yaml"))) + +(defn-spec generate-gateway-deployment cp/map-or-seq? [] + (yaml/from-string (yaml/load-resource "taiga/gateway-deployment.yaml"))) + +(defn-spec generate-protected-deployment cp/map-or-seq? [] + (yaml/from-string (yaml/load-resource "taiga/protected-deployment.yaml"))) + +(defn-spec generate-gateway-configmap cp/map-or-seq? [] + (yaml/from-string (yaml/load-resource "taiga/gateway-configmap.yaml"))) + +(defn-spec generate-configmap cp/map-or-seq? [] + (yaml/from-string (yaml/load-resource "taiga/configmap.yaml"))) + +(defn-spec generate-async-service cp/map-or-seq? [] + (yaml/from-string (yaml/load-resource "taiga/async-service.yaml"))) + +(defn-spec generate-events-deployment cp/map-or-seq? [] + (yaml/from-string (yaml/load-resource "taiga/events-deployment.yaml"))) + +(defn-spec generate-async-deployment cp/map-or-seq? [] + (yaml/from-string (yaml/load-resource "taiga/async-deployment.yaml"))) + +(defn-spec generate-back-deployment cp/map-or-seq? [] + (yaml/from-string (yaml/load-resource "taiga/back-deployment.yaml"))) + +(defn-spec generate-front-deployment cp/map-or-seq? [] + (yaml/from-string (yaml/load-resource "taiga/front-deployment.yaml"))) + +(defn-spec generate-front-service cp/map-or-seq? [] + (yaml/from-string (yaml/load-resource "taiga/front-service.yaml"))) + +(defn-spec generate-gateway-service cp/map-or-seq? [] + (yaml/from-string (yaml/load-resource "taiga/gateway-service.yaml"))) + +(defn-spec generate-data-pvcs cp/map-or-seq? [] + (yaml/from-string (yaml/load-resource "taiga/data-pvcs.yaml"))) + +(defn-spec generate-async-rabbitmq-deployment cp/map-or-seq? [] + (yaml/from-string (yaml/load-resource "taiga/async-rabbitmq-deployment.yaml"))) + +(defn-spec generate-protected-service cp/map-or-seq? [] + (yaml/from-string (yaml/load-resource "taiga/protected-service.yaml"))) + +(defn-spec generate-secret cp/map-or-seq? [] + (yaml/from-string (yaml/load-resource "taiga/secret.yaml"))) + +(defn-spec generate-async-rabbitmq-service cp/map-or-seq? [] + (yaml/from-string (yaml/load-resource "taiga/async-rabbitmq-service.yaml"))) + +(defn-spec generate-events-service cp/map-or-seq? [] + (yaml/from-string (yaml/load-resource "taiga/events-service.yaml"))) + +(defn-spec generate-back-service cp/map-or-seq? [] + (yaml/from-string (yaml/load-resource "taiga/back-service.yaml"))) + +(defn-spec generate-events-rabbitmq-service cp/map-or-seq? [] + (yaml/from-string (yaml/load-resource "taiga/events-rabbitmq-service.yaml"))) + +(defn-spec generate-rabbitmq-pvc cp/map-or-seq? [] + (yaml/from-string (yaml/load-resource "taiga/rabbitmq-pvc.yaml"))) + From 8fc45d55621fb7db23c4f1b7539b893ec602ff53 Mon Sep 17 00:00:00 2001 From: erik Date: Fri, 25 Aug 2023 11:18:55 +0200 Subject: [PATCH 23/60] Update vals --- src/test/resources/website-test/valid-auth.yaml | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/src/test/resources/website-test/valid-auth.yaml b/src/test/resources/website-test/valid-auth.yaml index de1fe08..c4316db 100644 --- a/src/test/resources/website-test/valid-auth.yaml +++ b/src/test/resources/website-test/valid-auth.yaml @@ -3,10 +3,11 @@ postgres-db-user: "forgejo" postgres-db-password: "forgejo-db-password" mailer-user: "" mailer-pw: "" +django-superuser-username: "taiga-admin" +django-superuser-password: "" +django-superuser-email: "some@example.com" rabbitmq-user: "" rabbitmq-pw: "" -django-superuser: "taiga-admin" -django-superuser-password: "" mon-auth: grafana-cloud-user: "user" grafana-cloud-password: "password" From 2994ed120520e2a12844dc7b4eb1212c74f3a968 Mon Sep 17 00:00:00 2001 From: erik Date: Fri, 25 Aug 2023 11:19:35 +0200 Subject: [PATCH 24/60] Add vals --- src/main/resources/taiga/secret.yaml | 9 +++------ 1 file changed, 3 insertions(+), 6 deletions(-) diff --git a/src/main/resources/taiga/secret.yaml b/src/main/resources/taiga/secret.yaml index d0b9630..a551cf8 100644 --- a/src/main/resources/taiga/secret.yaml +++ b/src/main/resources/taiga/secret.yaml @@ -16,12 +16,9 @@ data: # Rabbitmq settings RABBITMQ_USER: dGFpZ2E= RABBITMQ_PASS: YXNkbGkzNDUzNDVnc2FkZmczNDVlNHJ0ZzM0 + RABBITMQ_ERLANG_COOKIE: YXNkZmhhczM0MnNkbjM= # Django settings - DJANGO_SUPERUSER_TAIGAADMIN: dGFpZ2E= + DJANGO_SUPERUSER_USERNAME: dGFpZ2E= DJANGO_SUPERUSER_PASSWORD: dGFpZ2FfcGFzcw== - - # Rabbitmq settings - RABBITMQ_DEFAULT_USER: dGFpZ2E= # ToDo: Evaluate if we need two different users and passes for rabbitmq - RABBITMQ_DEFAULT_PASS: YXNkbGkzNDUzNDVnc2FkZmczNDVlNHJ0ZzM0 - RABBITMQ_ERLANG_COOKIE: YXNkZmhhczM0MnNkbjM= + DJANGO_SUPERUSER_EMAIL: SUPERUSER_EMAIL From bcf3c81b0709b295c942a829a1474b4bbdadf019 Mon Sep 17 00:00:00 2001 From: erik Date: Fri, 25 Aug 2023 11:20:49 +0200 Subject: [PATCH 25/60] Correct port --- src/main/resources/taiga/back-service.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/main/resources/taiga/back-service.yaml b/src/main/resources/taiga/back-service.yaml index 3c6db7a..8306a2c 100644 --- a/src/main/resources/taiga/back-service.yaml +++ b/src/main/resources/taiga/back-service.yaml @@ -13,6 +13,6 @@ spec: ports: - name: http targetPort: http - port: 80 - protocol: TCP + port: 8000 + protocol: TCP \ No newline at end of file From 77d1827526d447e414ff520c34d9b1ea5cb7b500 Mon Sep 17 00:00:00 2001 From: erik Date: Fri, 25 Aug 2023 11:21:59 +0200 Subject: [PATCH 26/60] Single rabbitmq user, remove env vars, add todos --- src/main/resources/taiga/async-rabbitmq-deployment.yaml | 6 ++---- src/main/resources/taiga/async-service.yaml | 2 +- src/main/resources/taiga/back-deployment.yaml | 1 + src/main/resources/taiga/configmap.yaml | 2 +- src/main/resources/taiga/data-pvcs.yaml | 8 ++++---- src/main/resources/taiga/events-deployment.yaml | 5 ----- src/main/resources/taiga/events-rabbitmq-deployment.yaml | 4 ++-- src/main/resources/taiga/rabbitmq-pvc.yaml | 8 ++++---- 8 files changed, 15 insertions(+), 21 deletions(-) diff --git a/src/main/resources/taiga/async-rabbitmq-deployment.yaml b/src/main/resources/taiga/async-rabbitmq-deployment.yaml index c55cfad..af02c46 100644 --- a/src/main/resources/taiga/async-rabbitmq-deployment.yaml +++ b/src/main/resources/taiga/async-rabbitmq-deployment.yaml @@ -27,18 +27,16 @@ spec: mountPath: /var/lib/rabbitmq readOnly: false env: - - name: RABBITMQ_LOGS - value: /opt/rabbitmq/logs.log - name: RABBITMQ_DEFAULT_USER valueFrom: secretKeyRef: name: taiga-secret - key: RABBITMQ_DEFAULT_USER + key: RABBITMQ_USER - name: RABBITMQ_DEFAULT_PASS valueFrom: secretKeyRef: name: taiga-secret - key: RABBITMQ_DEFAULT_PASS + key: RABBITMQ_PASS - name: RABBITMQ_ERLANG_COOKIE valueFrom: secretKeyRef: diff --git a/src/main/resources/taiga/async-service.yaml b/src/main/resources/taiga/async-service.yaml index 5ce1ceb..943056f 100644 --- a/src/main/resources/taiga/async-service.yaml +++ b/src/main/resources/taiga/async-service.yaml @@ -14,5 +14,5 @@ spec: - name: http targetPort: http port: 8000 - protocol: TCP + protocol: TCP \ No newline at end of file diff --git a/src/main/resources/taiga/back-deployment.yaml b/src/main/resources/taiga/back-deployment.yaml index 62d9584..e37f75f 100644 --- a/src/main/resources/taiga/back-deployment.yaml +++ b/src/main/resources/taiga/back-deployment.yaml @@ -19,6 +19,7 @@ spec: - name: taiga-back command: - /taiga-back/docker/entrypoint.sh + - /taiga-back/docker/manage.py createsuperuser --noinput image: taigaio/taiga-back:latest imagePullPolicy: IfNotPresent ports: diff --git a/src/main/resources/taiga/configmap.yaml b/src/main/resources/taiga/configmap.yaml index 171a832..6b18be9 100644 --- a/src/main/resources/taiga/configmap.yaml +++ b/src/main/resources/taiga/configmap.yaml @@ -9,7 +9,7 @@ data: # Taiga settings TAIGA_SITES_SCHEME: https - TAIGA_SITES_DOMAIN: taiga.test.meissa.de + TAIGA_SITES_DOMAIN: taiga.test.meissa.de # Replace by replacable values TAIGA_SUBPATH: "" # Email settings. diff --git a/src/main/resources/taiga/data-pvcs.yaml b/src/main/resources/taiga/data-pvcs.yaml index cd51a7d..0af7c35 100644 --- a/src/main/resources/taiga/data-pvcs.yaml +++ b/src/main/resources/taiga/data-pvcs.yaml @@ -7,12 +7,12 @@ metadata: app: taiga app.kubernetes.part-of: taiga spec: - storageClassName: local-path + storageClassName: local-path # ToDo: configurable accessModes: - ReadWriteOnce resources: requests: - storage: 1Gi + storage: 1Gi # ToDo: configurable --- apiVersion: v1 kind: PersistentVolumeClaim @@ -23,9 +23,9 @@ metadata: app: taiga app.kubernetes.part-of: taiga spec: - storageClassName: local-path + storageClassName: local-path # ToDo: configurable accessModes: - ReadWriteOnce resources: requests: - storage: 1Gi + storage: 1Gi # ToDo: configurable diff --git a/src/main/resources/taiga/events-deployment.yaml b/src/main/resources/taiga/events-deployment.yaml index 652d173..9745172 100644 --- a/src/main/resources/taiga/events-deployment.yaml +++ b/src/main/resources/taiga/events-deployment.yaml @@ -23,11 +23,6 @@ spec: - name: http containerPort: 8888 env: - #- name: EVENTS_PUSH_BACKEND_URL # ToDo: check if we really need to set these URLs - # valueFrom: - # configMapKeyRef: - # name: taiga-configmap - # key: EVENTS_PUSH_BACKEND_URL - name: RABBITMQ_USER valueFrom: secretKeyRef: diff --git a/src/main/resources/taiga/events-rabbitmq-deployment.yaml b/src/main/resources/taiga/events-rabbitmq-deployment.yaml index f04eff8..768ace5 100644 --- a/src/main/resources/taiga/events-rabbitmq-deployment.yaml +++ b/src/main/resources/taiga/events-rabbitmq-deployment.yaml @@ -37,12 +37,12 @@ spec: configMapKeyRef: name: taiga-configmap key: RABBITMQ_DEFAULT_VHOST - - name: RABBITMQ_USER + - name: RABBITMQ_DEFAULT_USER valueFrom: secretKeyRef: name: taiga-secret key: RABBITMQ_USER - - name: RABBITMQ_PASS + - name: RABBITMQ_DEFAULT_PASS valueFrom: secretKeyRef: name: taiga-secret diff --git a/src/main/resources/taiga/rabbitmq-pvc.yaml b/src/main/resources/taiga/rabbitmq-pvc.yaml index 3f56a91..649256c 100644 --- a/src/main/resources/taiga/rabbitmq-pvc.yaml +++ b/src/main/resources/taiga/rabbitmq-pvc.yaml @@ -7,12 +7,12 @@ metadata: app: taiga app.kubernetes.part-of: taiga spec: - storageClassName: local-path + storageClassName: local-path # ToDo: configurable accessModes: - ReadWriteOnce resources: requests: - storage: 1Gi + storage: 1Gi # ToDo: configurable --- apiVersion: v1 kind: PersistentVolumeClaim @@ -23,9 +23,9 @@ metadata: app: taiga app.kubernetes.part-of: taiga spec: - storageClassName: local-path + storageClassName: local-path # ToDo: configurable accessModes: - ReadWriteOnce resources: requests: - storage: 1Gi + storage: 1Gi # ToDo: configurable From 1745d6b01f2c75b3224747ae5958af3dc95f2b31 Mon Sep 17 00:00:00 2001 From: bom Date: Fri, 25 Aug 2023 11:50:42 +0200 Subject: [PATCH 27/60] Prepare configmap for automatic generation --- src/main/resources/taiga/configmap.yaml | 40 ++++++------------------- 1 file changed, 9 insertions(+), 31 deletions(-) diff --git a/src/main/resources/taiga/configmap.yaml b/src/main/resources/taiga/configmap.yaml index 6b18be9..98c056d 100644 --- a/src/main/resources/taiga/configmap.yaml +++ b/src/main/resources/taiga/configmap.yaml @@ -7,40 +7,18 @@ data: # These environment variables will be used by taiga-back and taiga-async. # Database settings handled in deployment + # Telemetry settings + ENABLE_TELEMETRY: REPLACEME + # Taiga settings TAIGA_SITES_SCHEME: https - TAIGA_SITES_DOMAIN: taiga.test.meissa.de # Replace by replacable values + TAIGA_SITES_DOMAIN: FQDN TAIGA_SUBPATH: "" - # Email settings. - EMAIL_BACKEND: console # django.core.mail.backends.${EMAIL_BACKEND}.EmailBackend # ToDo move to code base - DEFAULT_FROM_EMAIL: meissa@meissa.de - EMAIL_USE_TLS: "false" - EMAIL_USE_SSL: "false" - EMAIL_HOST: smpt.meissa.de - EMAIL_PORT: "39" - - # Telemetry settings - ENABLE_TELEMETRY: "false" - # ...your customizations go here - - # Taiga Events Settings - # EVENTS_PUSH_BACKEND_URL: RABBITMQ_URL_VALUE - ## Format RABBITMQ_URL="amqp://${RABBITMQ_USER}:${RABBITMQ_PASS}@taiga-events-rabbitmq:5672/taiga" - # RABBITMQ_URL: RABBITMQ_URL_VALUE # found in https://github.com/kaleidos-ventures/taiga-events/blob/main/docker/env.template - - # Taiga Async Settings - # CELERY_BROKER_URL: CELERY_URL_VALUE - # Taiga Front Settings - TAIGA_URL: https://taiga.test.meissa.de - TAIGA_SUBPATH: "" - TAIGA_WEBSOCKETS_URL: wss://taiga.test.meissa.de - PUBLIC_REGISTER_ENABLED: "true" - CONTRIB_PLUGINS: "" - GITHUB_CLIENT_ID: "" - GITLAB_CLIENT_ID: "" - GITLAB_URL: "" + TAIGA_URL: https://FQDN + TAIGA_WEBSOCKETS_URL: wss://FQDN + PUBLIC_REGISTER_ENABLED: REPLACEME ENABLE_GITHUB_IMPORTER: "false" ENABLE_JIRA_IMPORTER: "false" ENABLE_TRELLO_IMPORTER: "false" @@ -48,5 +26,5 @@ data: # Rabbitmq settings RABBITMQ_DEFAULT_VHOST: taiga - SESSION_COOKIE_SECURE: "False" - CSRF_COOKIE_SECURE: "False" + SESSION_COOKIE_SECURE: "false" + CSRF_COOKIE_SECURE: "false" From f1902315a5838abaeeb7584c6bb4284f9246241b Mon Sep 17 00:00:00 2001 From: bom Date: Fri, 25 Aug 2023 11:51:01 +0200 Subject: [PATCH 28/60] Prepare pvcs for automatic generation --- src/main/resources/taiga/data-pvcs.yaml | 8 ++++---- src/main/resources/taiga/rabbitmq-pvc.yaml | 8 ++++---- 2 files changed, 8 insertions(+), 8 deletions(-) diff --git a/src/main/resources/taiga/data-pvcs.yaml b/src/main/resources/taiga/data-pvcs.yaml index 0af7c35..0fb755e 100644 --- a/src/main/resources/taiga/data-pvcs.yaml +++ b/src/main/resources/taiga/data-pvcs.yaml @@ -7,12 +7,12 @@ metadata: app: taiga app.kubernetes.part-of: taiga spec: - storageClassName: local-path # ToDo: configurable + storageClassName: REPLACEME accessModes: - ReadWriteOnce resources: requests: - storage: 1Gi # ToDo: configurable + storage: REPLACEME --- apiVersion: v1 kind: PersistentVolumeClaim @@ -23,9 +23,9 @@ metadata: app: taiga app.kubernetes.part-of: taiga spec: - storageClassName: local-path # ToDo: configurable + storageClassName: REPLACEME accessModes: - ReadWriteOnce resources: requests: - storage: 1Gi # ToDo: configurable + storage: REPLACEME diff --git a/src/main/resources/taiga/rabbitmq-pvc.yaml b/src/main/resources/taiga/rabbitmq-pvc.yaml index 649256c..d31525c 100644 --- a/src/main/resources/taiga/rabbitmq-pvc.yaml +++ b/src/main/resources/taiga/rabbitmq-pvc.yaml @@ -7,12 +7,12 @@ metadata: app: taiga app.kubernetes.part-of: taiga spec: - storageClassName: local-path # ToDo: configurable + storageClassName: REPLACEME accessModes: - ReadWriteOnce resources: requests: - storage: 1Gi # ToDo: configurable + storage: REPLACEME --- apiVersion: v1 kind: PersistentVolumeClaim @@ -23,9 +23,9 @@ metadata: app: taiga app.kubernetes.part-of: taiga spec: - storageClassName: local-path # ToDo: configurable + storageClassName: REPLACEME accessModes: - ReadWriteOnce resources: requests: - storage: 1Gi # ToDo: configurable + storage: REPLACEME From 75c10c1d65f5f4c76c9db449a6a969755783d0a7 Mon Sep 17 00:00:00 2001 From: bom Date: Fri, 25 Aug 2023 11:51:12 +0200 Subject: [PATCH 29/60] Prepare secret for automatic generation --- src/main/resources/taiga/secret.yaml | 17 ++++++++--------- 1 file changed, 8 insertions(+), 9 deletions(-) diff --git a/src/main/resources/taiga/secret.yaml b/src/main/resources/taiga/secret.yaml index a551cf8..785444b 100644 --- a/src/main/resources/taiga/secret.yaml +++ b/src/main/resources/taiga/secret.yaml @@ -5,20 +5,19 @@ metadata: labels: app.kubernetes.part-of: taiga data: - # Taiga settings - TAIGA_SECRET_KEY: NTlkc2ZnanNkZjRqcTPDn2RmZWozNDU= + TAIGA_SECRET_KEY: TAIGA_SECRET_KEY # Email settings - EMAIL_HOST_USER: bWVpc3NhQG1laXNzYS5kZQ== - EMAIL_HOST_PASSWORD: YXNkZmFzZGY= + EMAIL_HOST_USER: EMAIL_HOST_USER + EMAIL_HOST_PASSWORD: EMAIL_HOST_PASSWORD # Rabbitmq settings - RABBITMQ_USER: dGFpZ2E= - RABBITMQ_PASS: YXNkbGkzNDUzNDVnc2FkZmczNDVlNHJ0ZzM0 - RABBITMQ_ERLANG_COOKIE: YXNkZmhhczM0MnNkbjM= + RABBITMQ_USER: RABBITMQ_USER + RABBITMQ_PASS: RABBITMQ_PASS + RABBITMQ_ERLANG_COOKIE: RABBITMQ_ERLANG_COOKIE # Django settings - DJANGO_SUPERUSER_USERNAME: dGFpZ2E= - DJANGO_SUPERUSER_PASSWORD: dGFpZ2FfcGFzcw== + DJANGO_SUPERUSER_USERNAME: SUPERUSER_USERNAME + DJANGO_SUPERUSER_PASSWORD: SUPERUSER_PASSWORD DJANGO_SUPERUSER_EMAIL: SUPERUSER_EMAIL From 5abb1fcef884a049c1e45c76bdf6971b1436a255 Mon Sep 17 00:00:00 2001 From: bom Date: Fri, 25 Aug 2023 11:51:26 +0200 Subject: [PATCH 30/60] Add valid config/auth --- src/test/resources/website-test/valid-auth.yaml | 1 + src/test/resources/website-test/valid-config.yaml | 6 ++++++ 2 files changed, 7 insertions(+) diff --git a/src/test/resources/website-test/valid-auth.yaml b/src/test/resources/website-test/valid-auth.yaml index c4316db..947747b 100644 --- a/src/test/resources/website-test/valid-auth.yaml +++ b/src/test/resources/website-test/valid-auth.yaml @@ -8,6 +8,7 @@ django-superuser-password: "" django-superuser-email: "some@example.com" rabbitmq-user: "" rabbitmq-pw: "" +rabbitmq-erlang-cookie: "" mon-auth: grafana-cloud-user: "user" grafana-cloud-password: "password" diff --git a/src/test/resources/website-test/valid-config.yaml b/src/test/resources/website-test/valid-config.yaml index 71d94b0..286c588 100644 --- a/src/test/resources/website-test/valid-config.yaml +++ b/src/test/resources/website-test/valid-config.yaml @@ -1,4 +1,10 @@ issuer: "staging" +fqdn: "taiga.test.meissa.de" +public-register-enabled: "false" +enable-telemetry: "false" +storage-class-name: "local-path" +storage-media-size: "20" +storage-static-size: "20" mon-cfg: grafana-cloud-url: "url-for-your-prom-remote-write-endpoint" cluster-name: "jitsi" From 4ef726d93fcace2e197ace940b8a9fb1cc2e61ef Mon Sep 17 00:00:00 2001 From: erik Date: Fri, 25 Aug 2023 12:14:54 +0200 Subject: [PATCH 31/60] Change size form str to int --- src/test/resources/website-test/valid-config.yaml | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/src/test/resources/website-test/valid-config.yaml b/src/test/resources/website-test/valid-config.yaml index 286c588..c11ac59 100644 --- a/src/test/resources/website-test/valid-config.yaml +++ b/src/test/resources/website-test/valid-config.yaml @@ -3,8 +3,10 @@ fqdn: "taiga.test.meissa.de" public-register-enabled: "false" enable-telemetry: "false" storage-class-name: "local-path" -storage-media-size: "20" -storage-static-size: "20" +storage-media-size: 20 +storage-static-size: 20 +storage-async-rabbitmq-size: 20 +storage-events-rabbitmq-size: 20 mon-cfg: grafana-cloud-url: "url-for-your-prom-remote-write-endpoint" cluster-name: "jitsi" From 46283232e90d494df6d5a4cb48802d120ff4b671 Mon Sep 17 00:00:00 2001 From: erik Date: Fri, 25 Aug 2023 12:15:28 +0200 Subject: [PATCH 32/60] Implement specs --- src/main/cljc/dda/c4k_taiga/taiga.cljc | 54 ++++++++++++++++++++++---- 1 file changed, 46 insertions(+), 8 deletions(-) diff --git a/src/main/cljc/dda/c4k_taiga/taiga.cljc b/src/main/cljc/dda/c4k_taiga/taiga.cljc index 831c0ef..d611582 100644 --- a/src/main/cljc/dda/c4k_taiga/taiga.cljc +++ b/src/main/cljc/dda/c4k_taiga/taiga.cljc @@ -17,25 +17,62 @@ (def config-defaults {:issuer "staging" - :volume-size "3"}) + :storage-class-name "local-path" + :pv-storage-size-gb "5" ;; ToDo: check sensible defaults + :storage-media-size "5" + :storage-static-size "5" + :storage-async-rabbitmq-size "5" + :storage-events-rabbitmq-size "5" + :public-register-enabled "false" + :enable-telemetry "false"}) (s/def ::mon-cfg ::mon/mon-cfg) (s/def ::mon-auth ::mon/mon-auth) +(s/def ::taiga-secret cp/bash-env-string?) +(s/def ::mailer-user string?) +(s/def ::mailer-pw string?) +(s/def ::django-superuser-username string?) +(s/def ::django-superuser-password string?) +(s/def ::django-superuser-email string?) +(s/def ::rabbitmq-user string?) +(s/def ::rabbitmq-pw string?) +(s/def ::rabbitmq-erlang-cookie string?) -(s/def ::fqdn cp/fqdn-string?) (s/def ::issuer cp/letsencrypt-issuer?) -; TODO: Passwords +(s/def ::fqdn cp/fqdn-string?) +(s/def ::public-register-enabled string?) ;; ToDo maybe check for boolean string +(s/def ::enable-telemetry string?) +(s/def ::storage-class-name string?) +(s/def ::storage-media-size int?) +(s/def ::storage-static-size int?) +(s/def ::storage-async-rabbitmq-size int?) +(s/def ::storage-events-rabbitmq-size int?) + +(def auth? (s/keys :req-un [::postgres/postgres-db-user + ::postgres/postgres-db-password + ::taiga-secret + ::mailer-pw + ::mailer-user + ::django-superuser-email + ::django-superuser-password + ::django-superuser-username + ::rabbitmq-erlang-cookie + ::rabbitmq-pw + ::rabbitmq-user] + :opt-un [::mon-auth])) (def config? (s/keys :req-un [::fqdn] :opt-un [::issuer + ::storage-class-name + ::storage-media-size + ::storage-static-size + ::storage-async-rabbitmq-size + ::storage-events-rabbitmq-size ::pv-storage-size-gb - ::pvc-storage-class-name + ::public-register-enabled + ::enable-telemetry ::mon-cfg])) -(def auth? (s/keys :req-un [::postgres/postgres-db-user ::postgres/postgres-db-password] - :opt-un [::mon-auth])) - - #?(:cljs (defmethod yaml/load-resource :taiga [resource-name] (case resource-name @@ -70,6 +107,7 @@ :service-port 80} config))) +; TODO; postgres genenration ; TODO: Check which ones need configuration or authentication information (defn-spec generate-events-rabbitmq-deployment cp/map-or-seq? [] (yaml/from-string (yaml/load-resource "taiga/events-rabbitmq-deployment.yaml"))) From 151ab2a68575e376a8a317a5528ec2747ed97bee Mon Sep 17 00:00:00 2001 From: bom Date: Fri, 25 Aug 2023 12:46:48 +0200 Subject: [PATCH 33/60] Split pvcs into files --- src/main/cljc/dda/c4k_taiga/taiga.cljc | 39 +++++++++++++------ src/main/resources/taiga/data-pvcs.yaml | 31 --------------- .../resources/taiga/pvc-taiga-media-data.yaml | 15 +++++++ .../taiga/pvc-taiga-static-data.yaml | 15 +++++++ .../resources/taiga/rabbitmq-pvc-async.yaml | 15 +++++++ .../resources/taiga/rabbitmq-pvc-events.yaml | 15 +++++++ src/main/resources/taiga/rabbitmq-pvc.yaml | 31 --------------- 7 files changed, 87 insertions(+), 74 deletions(-) delete mode 100644 src/main/resources/taiga/data-pvcs.yaml create mode 100644 src/main/resources/taiga/pvc-taiga-media-data.yaml create mode 100644 src/main/resources/taiga/pvc-taiga-static-data.yaml create mode 100644 src/main/resources/taiga/rabbitmq-pvc-async.yaml create mode 100644 src/main/resources/taiga/rabbitmq-pvc-events.yaml delete mode 100644 src/main/resources/taiga/rabbitmq-pvc.yaml diff --git a/src/main/cljc/dda/c4k_taiga/taiga.cljc b/src/main/cljc/dda/c4k_taiga/taiga.cljc index d611582..5e9adaa 100644 --- a/src/main/cljc/dda/c4k_taiga/taiga.cljc +++ b/src/main/cljc/dda/c4k_taiga/taiga.cljc @@ -28,7 +28,7 @@ (s/def ::mon-cfg ::mon/mon-cfg) (s/def ::mon-auth ::mon/mon-auth) -(s/def ::taiga-secret cp/bash-env-string?) +(s/def ::taiga-secret-key cp/bash-env-string?) (s/def ::mailer-user string?) (s/def ::mailer-pw string?) (s/def ::django-superuser-username string?) @@ -50,7 +50,7 @@ (def auth? (s/keys :req-un [::postgres/postgres-db-user ::postgres/postgres-db-password - ::taiga-secret + ::taiga-secret-key ::mailer-pw ::mailer-user ::django-superuser-email @@ -88,7 +88,8 @@ "taiga/front-deployment.yaml" (rc/inline "taiga/front-deployment.yaml") "taiga/front-service.yaml" (rc/inline "taiga/front-service.yaml") "taiga/gateway-service.yaml" (rc/inline "taiga/gateway-service.yaml") - "taiga/data-pvcs.yaml" (rc/inline "taiga/data-pvcs.yaml") + "taiga/pvc-taiga-media-data.yaml" (rc/inline "taiga/pvc-taiga-media-data.yaml") + "taiga/pvc-taiga-static-data.yaml" (rc/inline "taiga/pvc-taiga-static-data.yaml") "taiga/async-rabbitmq-deployment.yaml" (rc/inline "taiga/async-rabbitmq-deployment.yaml") "taiga/protected-service.yaml" (rc/inline "taiga/protected-service.yaml") "taiga/secret.yaml" (rc/inline "taiga/secret.yaml") @@ -96,7 +97,8 @@ "taiga/events-service.yaml" (rc/inline "taiga/events-service.yaml") "taiga/back-service.yaml" (rc/inline "taiga/back-service.yaml") "taiga/events-rabbitmq-service.yaml" (rc/inline "taiga/events-rabbitmq-service.yaml") - "taiga/rabbitmq-pvc.yaml" (rc/inline "taiga/rabbitmq-pvc.yaml") + "taiga/rabbitmq-pvc-async.yaml" (rc/inline "taiga/rabbitmq-pvc-async.yaml") + "taiga/rabbitmq-pvc-events.yaml" (rc/inline "taiga/rabbitmq-pvc-events.yaml") (throw (js/Error. "Undefined Resource!"))))) (defn-spec generate-ingress-and-cert cp/map-or-seq? @@ -107,7 +109,6 @@ :service-port 80} config))) -; TODO; postgres genenration ; TODO: Check which ones need configuration or authentication information (defn-spec generate-events-rabbitmq-deployment cp/map-or-seq? [] (yaml/from-string (yaml/load-resource "taiga/events-rabbitmq-deployment.yaml"))) @@ -121,8 +122,11 @@ (defn-spec generate-gateway-configmap cp/map-or-seq? [] (yaml/from-string (yaml/load-resource "taiga/gateway-configmap.yaml"))) -(defn-spec generate-configmap cp/map-or-seq? [] - (yaml/from-string (yaml/load-resource "taiga/configmap.yaml"))) +(defn-spec generate-configmap cp/map-or-seq? + [config config?] + (let [{:keys [fqdn]} config] + (-> (yaml/load-as-edn "taiga/configmap.yaml") + (cm/replace-all-matching-values-by-new-value "FQDN" fqdn)))) (defn-spec generate-async-service cp/map-or-seq? [] (yaml/from-string (yaml/load-resource "taiga/async-service.yaml"))) @@ -145,8 +149,13 @@ (defn-spec generate-gateway-service cp/map-or-seq? [] (yaml/from-string (yaml/load-resource "taiga/gateway-service.yaml"))) -(defn-spec generate-data-pvcs cp/map-or-seq? [] - (yaml/from-string (yaml/load-resource "taiga/data-pvcs.yaml"))) +(defn-spec generate-pvc-taiga-media-data cp/map-or-seq? + [config config?] + (yaml/from-string (yaml/load-resource "taiga/pvc-taiga-media-data.yaml"))) + +(defn-spec generate-pvc-taiga-static-data cp/map-or-seq? + [config config?] + (yaml/from-string (yaml/load-resource "taiga/pvc-taiga-static-data.yaml"))) (defn-spec generate-async-rabbitmq-deployment cp/map-or-seq? [] (yaml/from-string (yaml/load-resource "taiga/async-rabbitmq-deployment.yaml"))) @@ -154,7 +163,8 @@ (defn-spec generate-protected-service cp/map-or-seq? [] (yaml/from-string (yaml/load-resource "taiga/protected-service.yaml"))) -(defn-spec generate-secret cp/map-or-seq? [] +(defn-spec generate-secret cp/map-or-seq? + [auth auth?] (yaml/from-string (yaml/load-resource "taiga/secret.yaml"))) (defn-spec generate-async-rabbitmq-service cp/map-or-seq? [] @@ -169,6 +179,11 @@ (defn-spec generate-events-rabbitmq-service cp/map-or-seq? [] (yaml/from-string (yaml/load-resource "taiga/events-rabbitmq-service.yaml"))) -(defn-spec generate-rabbitmq-pvc cp/map-or-seq? [] - (yaml/from-string (yaml/load-resource "taiga/rabbitmq-pvc.yaml"))) +(defn-spec generate-rabbitmq-pvc-async cp/map-or-seq? + [config config?] + (yaml/from-string (yaml/load-resource "taiga/rabbitmq-pvc-async.yaml"))) + +(defn-spec generate-rabbitmq-pvc-events cp/map-or-seq? + [config config?] + (yaml/from-string (yaml/load-resource "taiga/rabbitmq-pvc-events.yaml"))) diff --git a/src/main/resources/taiga/data-pvcs.yaml b/src/main/resources/taiga/data-pvcs.yaml deleted file mode 100644 index 0fb755e..0000000 --- a/src/main/resources/taiga/data-pvcs.yaml +++ /dev/null @@ -1,31 +0,0 @@ -apiVersion: v1 -kind: PersistentVolumeClaim -metadata: - name: taiga-media-data - namespace: default - labels: - app: taiga - app.kubernetes.part-of: taiga -spec: - storageClassName: REPLACEME - accessModes: - - ReadWriteOnce - resources: - requests: - storage: REPLACEME ---- -apiVersion: v1 -kind: PersistentVolumeClaim -metadata: - name: taiga-static-data - namespace: default - labels: - app: taiga - app.kubernetes.part-of: taiga -spec: - storageClassName: REPLACEME - accessModes: - - ReadWriteOnce - resources: - requests: - storage: REPLACEME diff --git a/src/main/resources/taiga/pvc-taiga-media-data.yaml b/src/main/resources/taiga/pvc-taiga-media-data.yaml new file mode 100644 index 0000000..65b1867 --- /dev/null +++ b/src/main/resources/taiga/pvc-taiga-media-data.yaml @@ -0,0 +1,15 @@ +apiVersion: v1 +kind: PersistentVolumeClaim +metadata: + name: taiga-media-data + namespace: default + labels: + app: taiga + app.kubernetes.part-of: taiga +spec: + storageClassName: REPLACEME + accessModes: + - ReadWriteOnce + resources: + requests: + storage: REPLACEME diff --git a/src/main/resources/taiga/pvc-taiga-static-data.yaml b/src/main/resources/taiga/pvc-taiga-static-data.yaml new file mode 100644 index 0000000..3663d24 --- /dev/null +++ b/src/main/resources/taiga/pvc-taiga-static-data.yaml @@ -0,0 +1,15 @@ +apiVersion: v1 +kind: PersistentVolumeClaim +metadata: + name: taiga-static-data + namespace: default + labels: + app: taiga + app.kubernetes.part-of: taiga +spec: + storageClassName: REPLACEME + accessModes: + - ReadWriteOnce + resources: + requests: + storage: REPLACEME diff --git a/src/main/resources/taiga/rabbitmq-pvc-async.yaml b/src/main/resources/taiga/rabbitmq-pvc-async.yaml new file mode 100644 index 0000000..52d745a --- /dev/null +++ b/src/main/resources/taiga/rabbitmq-pvc-async.yaml @@ -0,0 +1,15 @@ +apiVersion: v1 +kind: PersistentVolumeClaim +metadata: + name: taiga-async-rabbitmq-data + namespace: default + labels: + app: taiga + app.kubernetes.part-of: taiga +spec: + storageClassName: REPLACEME + accessModes: + - ReadWriteOnce + resources: + requests: + storage: REPLACEME diff --git a/src/main/resources/taiga/rabbitmq-pvc-events.yaml b/src/main/resources/taiga/rabbitmq-pvc-events.yaml new file mode 100644 index 0000000..7ce880e --- /dev/null +++ b/src/main/resources/taiga/rabbitmq-pvc-events.yaml @@ -0,0 +1,15 @@ +apiVersion: v1 +kind: PersistentVolumeClaim +metadata: + name: taiga-events-rabbitmq-data + namespace: default + labels: + app: taiga + app.kubernetes.part-of: taiga +spec: + storageClassName: REPLACEME + accessModes: + - ReadWriteOnce + resources: + requests: + storage: REPLACEME diff --git a/src/main/resources/taiga/rabbitmq-pvc.yaml b/src/main/resources/taiga/rabbitmq-pvc.yaml deleted file mode 100644 index d31525c..0000000 --- a/src/main/resources/taiga/rabbitmq-pvc.yaml +++ /dev/null @@ -1,31 +0,0 @@ -apiVersion: v1 -kind: PersistentVolumeClaim -metadata: - name: taiga-async-rabbitmq-data - namespace: default - labels: - app: taiga - app.kubernetes.part-of: taiga -spec: - storageClassName: REPLACEME - accessModes: - - ReadWriteOnce - resources: - requests: - storage: REPLACEME ---- -apiVersion: v1 -kind: PersistentVolumeClaim -metadata: - name: taiga-events-rabbitmq-data - namespace: default - labels: - app: taiga - app.kubernetes.part-of: taiga -spec: - storageClassName: REPLACEME - accessModes: - - ReadWriteOnce - resources: - requests: - storage: REPLACEME From 0db2059c3fb8eb393fd67e2814fb44de14672b00 Mon Sep 17 00:00:00 2001 From: bom Date: Fri, 25 Aug 2023 12:47:11 +0200 Subject: [PATCH 34/60] Validate valid config/auth --- src/test/cljc/dda/c4k_taiga/core_test.cljc | 9 +++++---- .../{website-test => taiga-test}/valid-auth.yaml | 12 ++++++------ .../{website-test => taiga-test}/valid-config.yaml | 0 3 files changed, 11 insertions(+), 10 deletions(-) rename src/test/resources/{website-test => taiga-test}/valid-auth.yaml (58%) rename src/test/resources/{website-test => taiga-test}/valid-config.yaml (100%) diff --git a/src/test/cljc/dda/c4k_taiga/core_test.cljc b/src/test/cljc/dda/c4k_taiga/core_test.cljc index a771259..a5de164 100644 --- a/src/test/cljc/dda/c4k_taiga/core_test.cljc +++ b/src/test/cljc/dda/c4k_taiga/core_test.cljc @@ -5,14 +5,15 @@ :cljs [cljs.test :refer-macros [deftest is are testing run-tests]]) [clojure.spec.alpha :as s] [dda.c4k-common.yaml :as yaml] - [dda.c4k-taiga.core :as cut] - [clojure.spec.alpha :as s])) + [dda.c4k-taiga.core :as cut])) #?(:cljs (defmethod yaml/load-resource :website-test [resource-name] (case resource-name + "taiga-test/valid-config.yaml" (rc/inline "taiga-test/valid-config.yaml") + "taiga-test/valid-auth.yaml" (rc/inline "taiga-test/valid-auth.yaml") (throw (js/Error. "Undefined Resource!"))))) (deftest validate-valid-resources - ;(is (s/valid? cut/config? (yaml/load-as-edn "website-test/valid-config.yaml"))) - ) + (is (s/valid? cut/config? (yaml/load-as-edn "taiga-test/valid-config.yaml"))) + (is (s/valid? cut/auth? (yaml/load-as-edn "taiga-test/valid-auth.yaml")))) diff --git a/src/test/resources/website-test/valid-auth.yaml b/src/test/resources/taiga-test/valid-auth.yaml similarity index 58% rename from src/test/resources/website-test/valid-auth.yaml rename to src/test/resources/taiga-test/valid-auth.yaml index 947747b..6ed8858 100644 --- a/src/test/resources/website-test/valid-auth.yaml +++ b/src/test/resources/taiga-test/valid-auth.yaml @@ -1,14 +1,14 @@ taiga-secret-key: "some-key" postgres-db-user: "forgejo" postgres-db-password: "forgejo-db-password" -mailer-user: "" -mailer-pw: "" +mailer-user: "mailer-user" +mailer-pw: "mailer-pw" django-superuser-username: "taiga-admin" -django-superuser-password: "" +django-superuser-password: "super-password" django-superuser-email: "some@example.com" -rabbitmq-user: "" -rabbitmq-pw: "" -rabbitmq-erlang-cookie: "" +rabbitmq-user: "rabbit-user" +rabbitmq-pw: "rabbit-pw" +rabbitmq-erlang-cookie: "rabbit-erlang" mon-auth: grafana-cloud-user: "user" grafana-cloud-password: "password" diff --git a/src/test/resources/website-test/valid-config.yaml b/src/test/resources/taiga-test/valid-config.yaml similarity index 100% rename from src/test/resources/website-test/valid-config.yaml rename to src/test/resources/taiga-test/valid-config.yaml From 5f1626f488c787cf65101a7d42ed27ecf2602f37 Mon Sep 17 00:00:00 2001 From: bom Date: Fri, 25 Aug 2023 12:47:26 +0200 Subject: [PATCH 35/60] Implement generation tests --- src/test/cljc/dda/c4k_taiga/taiga_test.cljc | 100 +++++++++++++++++++- 1 file changed, 96 insertions(+), 4 deletions(-) diff --git a/src/test/cljc/dda/c4k_taiga/taiga_test.cljc b/src/test/cljc/dda/c4k_taiga/taiga_test.cljc index 72cfb9e..dcb2fb5 100644 --- a/src/test/cljc/dda/c4k_taiga/taiga_test.cljc +++ b/src/test/cljc/dda/c4k_taiga/taiga_test.cljc @@ -5,8 +5,100 @@ :cljs [cljs.test :refer-macros [deftest is are testing run-tests]]) [clojure.spec.alpha :as s] [dda.c4k-common.yaml :as yaml] - [dda.c4k-taiga.core :as cut] - [clojure.spec.alpha :as s])) + [dda.c4k-taiga.taiga :as cut])) -(deftest dummy-taiga-test - (is true)) \ No newline at end of file +#?(:cljs + (defmethod yaml/load-resource :website-test [resource-name] + (case resource-name + "taiga-test/valid-config.yaml" (rc/inline "taiga-test/valid-config.yaml") + "taiga-test/valid-auth.yaml" (rc/inline "taiga-test/valid-auth.yaml") + (throw (js/Error. "Undefined Resource!"))))) + +(deftest should-generate-configmap + (is (= {:apiVersion "v1", + :kind "ConfigMap", + :metadata {:name "taiga-configmap", :namespace "default"}, + :data + {:ENABLE_TELEMETRY "false", + :TAIGA_SITES_SCHEME "https", + :TAIGA_SITES_DOMAIN "taiga.test.meissa.de", + :TAIGA_SUBPATH "", + :TAIGA_URL "https://taiga.test.meissa.de", + :TAIGA_WEBSOCKETS_URL "wss://taiga.test.meissa.de", + :PUBLIC_REGISTER_ENABLED "false", + :ENABLE_GITHUB_IMPORTER "false", + :ENABLE_JIRA_IMPORTER "false", + :ENABLE_TRELLO_IMPORTER "false", + :RABBITMQ_DEFAULT_VHOST "taiga", + :SESSION_COOKIE_SECURE "false", + :CSRF_COOKIE_SECURE "false"}} + (cut/generate-configmap (yaml/load-as-edn "taiga-test/valid-config.yaml"))))) + +(deftest should-generate-pvc-taiga-media-data + (is (= {:apiVersion "v1", + :kind "PersistentVolumeClaim", + :metadata + {:name "taiga-media-data", + :namespace "default", + :labels {:app "taiga", :app.kubernetes.part-of "taiga"}}, + :spec + {:storageClassName "local-path", + :accessModes ["ReadWriteOnce"], + :resources {:requests {:storage "5"}}}} + (cut/generate-pvc-taiga-media-data (yaml/load-as-edn "taiga-test/valid-config.yaml"))))) + +(deftest should-generate-pvc-taiga-static-data + (is (= {:apiVersion "v1", + :kind "PersistentVolumeClaim", + :metadata + {:name "taiga-media-data", + :namespace "default", + :labels {:app "taiga", :app.kubernetes.part-of "taiga"}}, + :spec + {:storageClassName "local-path", + :accessModes ["ReadWriteOnce"], + :resources {:requests {:storage "5"}}}} + (cut/generate-pvc-taiga-static-data (yaml/load-as-edn "taiga-test/valid-config.yaml"))))) + +(deftest should-generate-rabbitmq-pvc-async + (is (= {:apiVersion "v1", + :kind "PersistentVolumeClaim", + :metadata + {:name "taiga-media-data", + :namespace "default", + :labels {:app "taiga", :app.kubernetes.part-of "taiga"}}, + :spec + {:storageClassName "local-path", + :accessModes ["ReadWriteOnce"], + :resources {:requests {:storage "5"}}}} + (cut/generate-rabbitmq-pvc-async(yaml/load-as-edn "taiga-test/valid-config.yaml"))))) + +(deftest should-generate-rabbitmq-pvc-events + (is (= {:apiVersion "v1", + :kind "PersistentVolumeClaim", + :metadata + {:name "taiga-media-data", + :namespace "default", + :labels {:app "taiga", :app.kubernetes.part-of "taiga"}}, + :spec + {:storageClassName "local-path", + :accessModes ["ReadWriteOnce"], + :resources {:requests {:storage "5"}}}} + (cut/generate-rabbitmq-pvc-events (yaml/load-as-edn "taiga-test/valid-config.yaml"))))) + +(deftest should-generate-secret + (is (= {:apiVersion "v1", + :kind "Secret", + :metadata + {:name "taiga-secret", :labels {:app.kubernetes.part-of "taiga"}}, + :data + {:TAIGA_SECRET_KEY "some-key", + :EMAIL_HOST_USER "mailer-user", + :EMAIL_HOST_PASSWORD "mailer-pw", + :RABBITMQ_USER "rabbit-user", + :RABBITMQ_PASS "rabbit-pw", + :RABBITMQ_ERLANG_COOKIE "rabbit-erlang", + :DJANGO_SUPERUSER_USERNAME "taiga-admin", + :DJANGO_SUPERUSER_PASSWORD "super-password", + :DJANGO_SUPERUSER_EMAIL "some@example.com"}} + (cut/generate-secret (yaml/load-as-edn "taiga-test/valid-auth.yaml"))))) \ No newline at end of file From 6e9dda54b4d5bcca944f9c6a5aacf9a120d6eff8 Mon Sep 17 00:00:00 2001 From: erik Date: Fri, 25 Aug 2023 13:22:58 +0200 Subject: [PATCH 36/60] Implement generate fun --- src/main/cljc/dda/c4k_taiga/taiga.cljc | 52 +++++++++++++++++++++----- 1 file changed, 43 insertions(+), 9 deletions(-) diff --git a/src/main/cljc/dda/c4k_taiga/taiga.cljc b/src/main/cljc/dda/c4k_taiga/taiga.cljc index 5e9adaa..64ac072 100644 --- a/src/main/cljc/dda/c4k_taiga/taiga.cljc +++ b/src/main/cljc/dda/c4k_taiga/taiga.cljc @@ -124,9 +124,13 @@ (defn-spec generate-configmap cp/map-or-seq? [config config?] - (let [{:keys [fqdn]} config] - (-> (yaml/load-as-edn "taiga/configmap.yaml") - (cm/replace-all-matching-values-by-new-value "FQDN" fqdn)))) + (let [{:keys [fqdn enable-telemetry public-register-enabled]} (merge config-defaults config)] + (-> (yaml/load-as-edn "taiga/configmap.yaml") + (cm/replace-key-value :TAIGA_SITES_DOMAIN fqdn) + (cm/replace-key-value :TAIGA_URL (str "https://" fqdn)) + (cm/replace-key-value :TAIGA_WEBSOCKETS_URL (str "wss://" fqdn)) + (cm/replace-key-value :ENABLE_TELEMETRY enable-telemetry) + (cm/replace-key-value :PUBLIC_REGISTER_ENABLED public-register-enabled)))) (defn-spec generate-async-service cp/map-or-seq? [] (yaml/from-string (yaml/load-resource "taiga/async-service.yaml"))) @@ -151,11 +155,19 @@ (defn-spec generate-pvc-taiga-media-data cp/map-or-seq? [config config?] - (yaml/from-string (yaml/load-resource "taiga/pvc-taiga-media-data.yaml"))) + (let [{:keys [storage-class-name storage-media-size]} (merge config-defaults config)] + (-> + (yaml/from-string (yaml/load-resource "taiga/pvc-taiga-media-data.yaml")) + (assoc-in [:spec :storageClassName] storage-class-name) + (assoc-in [:spec :resources :requests :storage] (str storage-media-size "Gi"))))) (defn-spec generate-pvc-taiga-static-data cp/map-or-seq? [config config?] - (yaml/from-string (yaml/load-resource "taiga/pvc-taiga-static-data.yaml"))) + (let [{:keys [storage-class-name storage-static-size]} (merge config-defaults config)] + (-> + (yaml/from-string (yaml/load-resource "taiga/pvc-taiga-static-data.yaml")) + (assoc-in [:spec :storageClassName] storage-class-name) + (assoc-in [:spec :resources :requests :storage] (str storage-static-size "Gi"))))) (defn-spec generate-async-rabbitmq-deployment cp/map-or-seq? [] (yaml/from-string (yaml/load-resource "taiga/async-rabbitmq-deployment.yaml"))) @@ -163,9 +175,23 @@ (defn-spec generate-protected-service cp/map-or-seq? [] (yaml/from-string (yaml/load-resource "taiga/protected-service.yaml"))) -(defn-spec generate-secret cp/map-or-seq? +(defn-spec generate-secret cp/map-or-seq? [auth auth?] - (yaml/from-string (yaml/load-resource "taiga/secret.yaml"))) + (let [{:keys [taiga-secret-key + mailer-user mailer-pw + rabbitmq-user rabbitmq-pw rabbitmq-erlang-cookie + django-superuser-username django-superuser-password django-superuser-email]} auth] + (-> + (yaml/from-string (yaml/load-resource "taiga/secret.yaml")) + (cm/replace-key-value :TAIGA_SECRET_KEY (b64/encode taiga-secret-key)) + (cm/replace-key-value :EMAIL_HOST_USER (b64/encode mailer-user)) + (cm/replace-key-value :EMAIL_HOST_PASSWORD (b64/encode mailer-pw)) + (cm/replace-key-value :RABBITMQ_USER (b64/encode rabbitmq-user)) + (cm/replace-key-value :RABBITMQ_PASS (b64/encode rabbitmq-pw)) + (cm/replace-key-value :RABBITMQ_ERLANG_COOKIE (b64/encode rabbitmq-erlang-cookie)) + (cm/replace-key-value :DJANGO_SUPERUSER_USERNAME (b64/encode django-superuser-username)) + (cm/replace-key-value :DJANGO_SUPERUSER_PASSWORD (b64/encode django-superuser-password)) + (cm/replace-key-value :DJANGO_SUPERUSER_EMAIL (b64/encode django-superuser-email))))) (defn-spec generate-async-rabbitmq-service cp/map-or-seq? [] (yaml/from-string (yaml/load-resource "taiga/async-rabbitmq-service.yaml"))) @@ -181,9 +207,17 @@ (defn-spec generate-rabbitmq-pvc-async cp/map-or-seq? [config config?] - (yaml/from-string (yaml/load-resource "taiga/rabbitmq-pvc-async.yaml"))) + (let [{:keys [storage-class-name storage-async-rabbitmq-size]} (merge config-defaults config)] + (-> + (yaml/from-string (yaml/load-resource "taiga/rabbitmq-pvc-async.yaml")) + (assoc-in [:spec :storageClassName] storage-class-name) + (assoc-in [:spec :resources :requests :storage] (str storage-async-rabbitmq-size "Gi"))))) (defn-spec generate-rabbitmq-pvc-events cp/map-or-seq? [config config?] - (yaml/from-string (yaml/load-resource "taiga/rabbitmq-pvc-events.yaml"))) + (let [{:keys [storage-class-name storage-events-rabbitmq-size]} (merge config-defaults config)] + (-> + (yaml/from-string (yaml/load-resource "taiga/rabbitmq-pvc-events.yaml")) + (assoc-in [:spec :storageClassName] storage-class-name) + (assoc-in [:spec :resources :requests :storage] (str storage-events-rabbitmq-size "Gi"))))) From 4e88dc03840171651760de868d500495a0abb531 Mon Sep 17 00:00:00 2001 From: erik Date: Fri, 25 Aug 2023 13:23:26 +0200 Subject: [PATCH 37/60] Correct test vals --- src/test/cljc/dda/c4k_taiga/taiga_test.cljc | 32 ++++++++++----------- 1 file changed, 16 insertions(+), 16 deletions(-) diff --git a/src/test/cljc/dda/c4k_taiga/taiga_test.cljc b/src/test/cljc/dda/c4k_taiga/taiga_test.cljc index dcb2fb5..a49e9f3 100644 --- a/src/test/cljc/dda/c4k_taiga/taiga_test.cljc +++ b/src/test/cljc/dda/c4k_taiga/taiga_test.cljc @@ -44,46 +44,46 @@ :spec {:storageClassName "local-path", :accessModes ["ReadWriteOnce"], - :resources {:requests {:storage "5"}}}} + :resources {:requests {:storage "2Gi"}}}} (cut/generate-pvc-taiga-media-data (yaml/load-as-edn "taiga-test/valid-config.yaml"))))) (deftest should-generate-pvc-taiga-static-data (is (= {:apiVersion "v1", :kind "PersistentVolumeClaim", :metadata - {:name "taiga-media-data", + {:name "taiga-static-data", :namespace "default", :labels {:app "taiga", :app.kubernetes.part-of "taiga"}}, :spec {:storageClassName "local-path", :accessModes ["ReadWriteOnce"], - :resources {:requests {:storage "5"}}}} + :resources {:requests {:storage "3Gi"}}}} (cut/generate-pvc-taiga-static-data (yaml/load-as-edn "taiga-test/valid-config.yaml"))))) (deftest should-generate-rabbitmq-pvc-async (is (= {:apiVersion "v1", :kind "PersistentVolumeClaim", :metadata - {:name "taiga-media-data", + {:name "taiga-async-rabbitmq-data", :namespace "default", :labels {:app "taiga", :app.kubernetes.part-of "taiga"}}, :spec {:storageClassName "local-path", :accessModes ["ReadWriteOnce"], - :resources {:requests {:storage "5"}}}} + :resources {:requests {:storage "4Gi"}}}} (cut/generate-rabbitmq-pvc-async(yaml/load-as-edn "taiga-test/valid-config.yaml"))))) (deftest should-generate-rabbitmq-pvc-events (is (= {:apiVersion "v1", :kind "PersistentVolumeClaim", :metadata - {:name "taiga-media-data", + {:name "taiga-events-rabbitmq-data", :namespace "default", :labels {:app "taiga", :app.kubernetes.part-of "taiga"}}, :spec {:storageClassName "local-path", :accessModes ["ReadWriteOnce"], - :resources {:requests {:storage "5"}}}} + :resources {:requests {:storage "5Gi"}}}} (cut/generate-rabbitmq-pvc-events (yaml/load-as-edn "taiga-test/valid-config.yaml"))))) (deftest should-generate-secret @@ -92,13 +92,13 @@ :metadata {:name "taiga-secret", :labels {:app.kubernetes.part-of "taiga"}}, :data - {:TAIGA_SECRET_KEY "some-key", - :EMAIL_HOST_USER "mailer-user", - :EMAIL_HOST_PASSWORD "mailer-pw", - :RABBITMQ_USER "rabbit-user", - :RABBITMQ_PASS "rabbit-pw", - :RABBITMQ_ERLANG_COOKIE "rabbit-erlang", - :DJANGO_SUPERUSER_USERNAME "taiga-admin", - :DJANGO_SUPERUSER_PASSWORD "super-password", - :DJANGO_SUPERUSER_EMAIL "some@example.com"}} + {:TAIGA_SECRET_KEY "c29tZS1rZXk=", + :EMAIL_HOST_USER "bWFpbGVyLXVzZXI=", + :EMAIL_HOST_PASSWORD "bWFpbGVyLXB3", + :RABBITMQ_USER "cmFiYml0LXVzZXI=", + :RABBITMQ_PASS "cmFiYml0LXB3", + :RABBITMQ_ERLANG_COOKIE "cmFiYml0LWVybGFuZw==", + :DJANGO_SUPERUSER_USERNAME "dGFpZ2EtYWRtaW4=", + :DJANGO_SUPERUSER_PASSWORD "c3VwZXItcGFzc3dvcmQ=", + :DJANGO_SUPERUSER_EMAIL "c29tZUBleGFtcGxlLmNvbQ=="}} (cut/generate-secret (yaml/load-as-edn "taiga-test/valid-auth.yaml"))))) \ No newline at end of file From 7618778a07f89fec4a891a9b5a3d0c6ce2e92eef Mon Sep 17 00:00:00 2001 From: erik Date: Fri, 25 Aug 2023 13:23:49 +0200 Subject: [PATCH 38/60] Change storage sizes --- src/test/resources/taiga-test/valid-config.yaml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/src/test/resources/taiga-test/valid-config.yaml b/src/test/resources/taiga-test/valid-config.yaml index c11ac59..a0a21f7 100644 --- a/src/test/resources/taiga-test/valid-config.yaml +++ b/src/test/resources/taiga-test/valid-config.yaml @@ -3,10 +3,10 @@ fqdn: "taiga.test.meissa.de" public-register-enabled: "false" enable-telemetry: "false" storage-class-name: "local-path" -storage-media-size: 20 -storage-static-size: 20 -storage-async-rabbitmq-size: 20 -storage-events-rabbitmq-size: 20 +storage-media-size: 2 +storage-static-size: 3 +storage-async-rabbitmq-size: 4 +storage-events-rabbitmq-size: 5 mon-cfg: grafana-cloud-url: "url-for-your-prom-remote-write-endpoint" cluster-name: "jitsi" From 5930d4376ae0095adca4968e97af56feedfe97a7 Mon Sep 17 00:00:00 2001 From: bom Date: Fri, 25 Aug 2023 13:32:49 +0200 Subject: [PATCH 39/60] Remove copy-paste mistake --- src/test/cljc/dda/c4k_taiga/taiga_test.cljc | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/test/cljc/dda/c4k_taiga/taiga_test.cljc b/src/test/cljc/dda/c4k_taiga/taiga_test.cljc index a49e9f3..9162f18 100644 --- a/src/test/cljc/dda/c4k_taiga/taiga_test.cljc +++ b/src/test/cljc/dda/c4k_taiga/taiga_test.cljc @@ -8,7 +8,7 @@ [dda.c4k-taiga.taiga :as cut])) #?(:cljs - (defmethod yaml/load-resource :website-test [resource-name] + (defmethod yaml/load-resource :taiga-test [resource-name] (case resource-name "taiga-test/valid-config.yaml" (rc/inline "taiga-test/valid-config.yaml") "taiga-test/valid-auth.yaml" (rc/inline "taiga-test/valid-auth.yaml") From 827c97dc621f898c848b09762437dbb5206f94c6 Mon Sep 17 00:00:00 2001 From: bom Date: Fri, 25 Aug 2023 13:33:08 +0200 Subject: [PATCH 40/60] Pass config/auth to functions --- src/main/cljc/dda/c4k_taiga/core.cljc | 13 +++++++------ 1 file changed, 7 insertions(+), 6 deletions(-) diff --git a/src/main/cljc/dda/c4k_taiga/core.cljc b/src/main/cljc/dda/c4k_taiga/core.cljc index baa529d..f4f5b61 100644 --- a/src/main/cljc/dda/c4k_taiga/core.cljc +++ b/src/main/cljc/dda/c4k_taiga/core.cljc @@ -29,14 +29,14 @@ :pvc-storage-class-name default-storage-class}) (postgres/generate-deployment) (postgres/generate-service) - ; TODO: Add configuration and authentication to relevant calls (taiga/generate-async-rabbitmq-deployment) (taiga/generate-async-rabbitmq-service) (taiga/generate-async-service) (taiga/generate-back-deployment) (taiga/generate-back-service) - (taiga/generate-configmap) - (taiga/generate-data-pvcs) + (taiga/generate-configmap config) + (taiga/generate-pvc-taiga-media-data config) + (taiga/generate-pvc-taiga-static-data config) (taiga/generate-events-deployment) (taiga/generate-events-rabbitmq-deployment) (taiga/generate-events-rabbitmq-service) @@ -48,8 +48,9 @@ (taiga/generate-gateway-service) (taiga/generate-protected-deployment) (taiga/generate-protected-service) - (taiga/generate-rabbitmq-pvc) - (taiga/generate-secret)] - (taiga/generate-ingress-and-cert) + (taiga/generate-rabbitmq-pvc-async config) + (taiga/generate-rabbitmq-pvc-events config) + (taiga/generate-secret auth)] + (taiga/generate-ingress-and-cert config) (when (:contains? config :mon-cfg) (mon/generate (:mon-cfg config) (:mon-auth auth)))))))) From cfaea2fda9b105d864633f52ca6aa16a29d7efee Mon Sep 17 00:00:00 2001 From: bom Date: Fri, 25 Aug 2023 13:34:42 +0200 Subject: [PATCH 41/60] Add config-defaults to core --- src/main/cljc/dda/c4k_taiga/core.cljc | 2 ++ 1 file changed, 2 insertions(+) diff --git a/src/main/cljc/dda/c4k_taiga/core.cljc b/src/main/cljc/dda/c4k_taiga/core.cljc index f4f5b61..fd55bfb 100644 --- a/src/main/cljc/dda/c4k_taiga/core.cljc +++ b/src/main/cljc/dda/c4k_taiga/core.cljc @@ -15,6 +15,8 @@ (def config? taiga/config?) (def auth? taiga/auth?) +(def config-defaults taiga/config-defaults) + (defn-spec k8s-objects cp/map-or-seq? [config taiga/config? auth taiga/auth?] From 356a4a1eef228a41d42c846d478c7e64439814f4 Mon Sep 17 00:00:00 2001 From: erik Date: Tue, 29 Aug 2023 13:24:46 +0200 Subject: [PATCH 42/60] Add fqdn to ingress --- src/main/cljc/dda/c4k_taiga/taiga.cljc | 12 +++++++----- 1 file changed, 7 insertions(+), 5 deletions(-) diff --git a/src/main/cljc/dda/c4k_taiga/taiga.cljc b/src/main/cljc/dda/c4k_taiga/taiga.cljc index 64ac072..76737d6 100644 --- a/src/main/cljc/dda/c4k_taiga/taiga.cljc +++ b/src/main/cljc/dda/c4k_taiga/taiga.cljc @@ -103,11 +103,13 @@ (defn-spec generate-ingress-and-cert cp/map-or-seq? [config config?] - (ing/generate-ingress-and-cert - (merge - {:service-name "taiga" - :service-port 80} - config))) + (let [{:keys [fqdn]} config] + (ing/generate-ingress-and-cert + (merge + {:service-name "taiga" + :service-port 3000 + :fqdns [fqdn]} + config)))) ; TODO: Check which ones need configuration or authentication information (defn-spec generate-events-rabbitmq-deployment cp/map-or-seq? [] From e8e0f8a1f2e91fdeb53ad4f8c1ee9fbb1f42fafc Mon Sep 17 00:00:00 2001 From: erik Date: Tue, 29 Aug 2023 13:25:21 +0200 Subject: [PATCH 43/60] Execute manage.py before entrypoint.sh --- src/main/resources/taiga/back-deployment.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/main/resources/taiga/back-deployment.yaml b/src/main/resources/taiga/back-deployment.yaml index e37f75f..a1e55ca 100644 --- a/src/main/resources/taiga/back-deployment.yaml +++ b/src/main/resources/taiga/back-deployment.yaml @@ -18,8 +18,8 @@ spec: containers: - name: taiga-back command: - - /taiga-back/docker/entrypoint.sh - - /taiga-back/docker/manage.py createsuperuser --noinput + - python /taiga-back/docker/manage.py createsuperuser --noinput + - /taiga-back/docker/entrypoint.sh image: taigaio/taiga-back:latest imagePullPolicy: IfNotPresent ports: From 0b6018d539afdecd8f24f692932db97a3448075b Mon Sep 17 00:00:00 2001 From: erik Date: Tue, 29 Aug 2023 14:49:35 +0200 Subject: [PATCH 44/60] [Skip CI] Remove automatic creation of superuser We might want to execute that cmd manually within the container. --- src/main/resources/taiga/back-deployment.yaml | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/src/main/resources/taiga/back-deployment.yaml b/src/main/resources/taiga/back-deployment.yaml index a1e55ca..603b832 100644 --- a/src/main/resources/taiga/back-deployment.yaml +++ b/src/main/resources/taiga/back-deployment.yaml @@ -17,9 +17,8 @@ spec: spec: containers: - name: taiga-back - command: - - python /taiga-back/docker/manage.py createsuperuser --noinput - - /taiga-back/docker/entrypoint.sh + command: + - /taiga-back/docker/entrypoint.sh image: taigaio/taiga-back:latest imagePullPolicy: IfNotPresent ports: From ed4e41bd6f79e631601ceeb091d015e0f9a7bffc Mon Sep 17 00:00:00 2001 From: erik Date: Wed, 30 Aug 2023 12:35:30 +0200 Subject: [PATCH 45/60] Correct service name and port --- src/main/cljc/dda/c4k_taiga/taiga.cljc | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/main/cljc/dda/c4k_taiga/taiga.cljc b/src/main/cljc/dda/c4k_taiga/taiga.cljc index 76737d6..4ec4c6a 100644 --- a/src/main/cljc/dda/c4k_taiga/taiga.cljc +++ b/src/main/cljc/dda/c4k_taiga/taiga.cljc @@ -106,8 +106,8 @@ (let [{:keys [fqdn]} config] (ing/generate-ingress-and-cert (merge - {:service-name "taiga" - :service-port 3000 + {:service-name "taiga-front" + :service-port 80 :fqdns [fqdn]} config)))) From c93f08614d2fe68f6d21f5286282786c1f2800bd Mon Sep 17 00:00:00 2001 From: erik Date: Wed, 30 Aug 2023 12:36:12 +0200 Subject: [PATCH 46/60] Add info for current problems --- README.md | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index bcd7f64..520b92c 100644 --- a/README.md +++ b/README.md @@ -6,11 +6,13 @@ ## Configuration Issues -https://github.com/kaleidos-ventures/taiga-docker -https://community.taiga.io/t/taiga-30min-setup/170 +We currently can no login even after `python manage.py createsuperuser --noinput` in the taiga-back-deployment container. What might help: https://docs.taiga.io/setup-production.html#taiga-back Note: taiga-manage,-back und -async verwenden die gleichen docker images mit unterschiedlichen entry-points. +https://github.com/kaleidos-ventures/taiga-docker +https://community.taiga.io/t/taiga-30min-setup/170 + ### HTTPS Terminiert am ingress. Wie interagiert das mit taiga? From ee69800d4989a09e7090048b0851926de921a409 Mon Sep 17 00:00:00 2001 From: erik Date: Wed, 30 Aug 2023 12:40:13 +0200 Subject: [PATCH 47/60] Set more precise labels, selectors and matchers --- src/main/resources/taiga/async-deployment.yaml | 4 ++-- src/main/resources/taiga/async-rabbitmq-deployment.yaml | 4 ++-- src/main/resources/taiga/async-rabbitmq-service.yaml | 2 +- src/main/resources/taiga/async-service.yaml | 2 +- src/main/resources/taiga/back-deployment.yaml | 4 ++-- src/main/resources/taiga/back-service.yaml | 2 +- src/main/resources/taiga/events-deployment.yaml | 4 ++-- src/main/resources/taiga/events-rabbitmq-deployment.yaml | 4 ++-- src/main/resources/taiga/events-rabbitmq-service.yaml | 2 +- src/main/resources/taiga/events-service.yaml | 2 +- src/main/resources/taiga/front-deployment.yaml | 4 ++-- src/main/resources/taiga/front-service.yaml | 2 +- src/main/resources/taiga/gateway-deployment.yaml | 4 ++-- src/main/resources/taiga/gateway-service.yaml | 2 +- src/main/resources/taiga/protected-deployment.yaml | 4 ++-- src/main/resources/taiga/protected-service.yaml | 3 +-- 16 files changed, 24 insertions(+), 25 deletions(-) diff --git a/src/main/resources/taiga/async-deployment.yaml b/src/main/resources/taiga/async-deployment.yaml index 84e6f26..686ed72 100644 --- a/src/main/resources/taiga/async-deployment.yaml +++ b/src/main/resources/taiga/async-deployment.yaml @@ -9,11 +9,11 @@ spec: replicas: 1 selector: matchLabels: - app: taiga + app.kubernetes.io/component: taiga-async template: metadata: labels: - app: taiga + app.kubernetes.io/component: taiga-async spec: containers: - name: taiga-async diff --git a/src/main/resources/taiga/async-rabbitmq-deployment.yaml b/src/main/resources/taiga/async-rabbitmq-deployment.yaml index af02c46..0fab2e5 100644 --- a/src/main/resources/taiga/async-rabbitmq-deployment.yaml +++ b/src/main/resources/taiga/async-rabbitmq-deployment.yaml @@ -9,11 +9,11 @@ spec: replicas: 1 selector: matchLabels: - app: taiga + app.kubernetes.io/component: taiga-async-rabbitmq template: metadata: labels: - app: taiga + app.kubernetes.io/component: taiga-async-rabbitmq spec: containers: - name: taiga-async-rabbitmq diff --git a/src/main/resources/taiga/async-rabbitmq-service.yaml b/src/main/resources/taiga/async-rabbitmq-service.yaml index 91950d4..dc8a1e1 100644 --- a/src/main/resources/taiga/async-rabbitmq-service.yaml +++ b/src/main/resources/taiga/async-rabbitmq-service.yaml @@ -9,7 +9,7 @@ metadata: spec: type: ClusterIP selector: - app: taiga + app.kubernetes.io/component: taiga-async-rabbitmq ports: - name: amqp targetPort: amqp diff --git a/src/main/resources/taiga/async-service.yaml b/src/main/resources/taiga/async-service.yaml index 943056f..f24f84a 100644 --- a/src/main/resources/taiga/async-service.yaml +++ b/src/main/resources/taiga/async-service.yaml @@ -9,7 +9,7 @@ metadata: spec: type: ClusterIP selector: - app: taiga + app.kubernetes.io/component: taiga-async ports: - name: http targetPort: http diff --git a/src/main/resources/taiga/back-deployment.yaml b/src/main/resources/taiga/back-deployment.yaml index 603b832..c18cd5c 100644 --- a/src/main/resources/taiga/back-deployment.yaml +++ b/src/main/resources/taiga/back-deployment.yaml @@ -9,11 +9,11 @@ spec: replicas: 1 selector: matchLabels: - app: taiga + app.kubernetes.io/component: taiga-back template: metadata: labels: - app: taiga + app.kubernetes.io/component: taiga-back spec: containers: - name: taiga-back diff --git a/src/main/resources/taiga/back-service.yaml b/src/main/resources/taiga/back-service.yaml index 8306a2c..b6f9d75 100644 --- a/src/main/resources/taiga/back-service.yaml +++ b/src/main/resources/taiga/back-service.yaml @@ -9,7 +9,7 @@ metadata: spec: type: ClusterIP selector: - app: taiga + app.kubernetes.io/component: taiga-back ports: - name: http targetPort: http diff --git a/src/main/resources/taiga/events-deployment.yaml b/src/main/resources/taiga/events-deployment.yaml index 9745172..824f2ba 100644 --- a/src/main/resources/taiga/events-deployment.yaml +++ b/src/main/resources/taiga/events-deployment.yaml @@ -9,11 +9,11 @@ spec: replicas: 1 selector: matchLabels: - app: taiga # ToDo: Check for consistent labels (maybe use app.kubernetes.io) + app.kubernetes.io/component: taiga-events template: metadata: labels: - app: taiga + app.kubernetes.io/component: taiga-events spec: containers: - name: taiga-events diff --git a/src/main/resources/taiga/events-rabbitmq-deployment.yaml b/src/main/resources/taiga/events-rabbitmq-deployment.yaml index 768ace5..bb78f80 100644 --- a/src/main/resources/taiga/events-rabbitmq-deployment.yaml +++ b/src/main/resources/taiga/events-rabbitmq-deployment.yaml @@ -9,11 +9,11 @@ spec: replicas: 1 selector: matchLabels: - app: taiga + app.kubernetes.io/component: taiga-events-rabbitmq template: metadata: labels: - app: taiga + app.kubernetes.io/component: taiga-events-rabbitmq spec: containers: - name: taiga-events-rabbitmq diff --git a/src/main/resources/taiga/events-rabbitmq-service.yaml b/src/main/resources/taiga/events-rabbitmq-service.yaml index ce86f13..2f542fc 100644 --- a/src/main/resources/taiga/events-rabbitmq-service.yaml +++ b/src/main/resources/taiga/events-rabbitmq-service.yaml @@ -9,7 +9,7 @@ metadata: spec: type: ClusterIP selector: - app: taiga + app.kubernetes.io/component: taiga-events-rabbitmq ports: - name: amqp targetPort: amqp diff --git a/src/main/resources/taiga/events-service.yaml b/src/main/resources/taiga/events-service.yaml index 37dd8aa..4ec0f51 100644 --- a/src/main/resources/taiga/events-service.yaml +++ b/src/main/resources/taiga/events-service.yaml @@ -9,7 +9,7 @@ metadata: spec: type: ClusterIP selector: - app: taiga + app.kubernetes.io/component: taiga-events ports: - name: http targetPort: http diff --git a/src/main/resources/taiga/front-deployment.yaml b/src/main/resources/taiga/front-deployment.yaml index 2600cc4..08424d8 100644 --- a/src/main/resources/taiga/front-deployment.yaml +++ b/src/main/resources/taiga/front-deployment.yaml @@ -9,11 +9,11 @@ spec: replicas: 1 selector: matchLabels: - app: taiga + app.kubernetes.io/component: taiga-front template: metadata: labels: - app: taiga + app.kubernetes.io/component: taiga-front spec: containers: - name: taiga-front diff --git a/src/main/resources/taiga/front-service.yaml b/src/main/resources/taiga/front-service.yaml index 97dcfb2..d586429 100644 --- a/src/main/resources/taiga/front-service.yaml +++ b/src/main/resources/taiga/front-service.yaml @@ -9,7 +9,7 @@ metadata: spec: type: ClusterIP selector: - app: taiga + app.kubernetes.io/component: taiga-front ports: - name: http targetPort: http diff --git a/src/main/resources/taiga/gateway-deployment.yaml b/src/main/resources/taiga/gateway-deployment.yaml index a3d4b49..b6c1beb 100644 --- a/src/main/resources/taiga/gateway-deployment.yaml +++ b/src/main/resources/taiga/gateway-deployment.yaml @@ -9,11 +9,11 @@ spec: replicas: 1 selector: matchLabels: - app: taiga + app.kubernetes.io/component: taiga-gateway template: metadata: labels: - app: taiga + app.kubernetes.io/component: taiga-gateway spec: restartPolicy: Always containers: diff --git a/src/main/resources/taiga/gateway-service.yaml b/src/main/resources/taiga/gateway-service.yaml index 7387138..441dedf 100644 --- a/src/main/resources/taiga/gateway-service.yaml +++ b/src/main/resources/taiga/gateway-service.yaml @@ -9,7 +9,7 @@ metadata: spec: type: ClusterIP selector: - app: taiga + app.kubernetes.io/component: taiga-gateway ports: - name: http targetPort: http diff --git a/src/main/resources/taiga/protected-deployment.yaml b/src/main/resources/taiga/protected-deployment.yaml index b4a74fc..729de1e 100644 --- a/src/main/resources/taiga/protected-deployment.yaml +++ b/src/main/resources/taiga/protected-deployment.yaml @@ -9,11 +9,11 @@ spec: replicas: 1 selector: matchLabels: - app: taiga + app.kubernetes.io/component: taiga-protected template: metadata: labels: - app: taiga + app.kubernetes.io/component: taiga-protected spec: containers: - name: taiga-protected diff --git a/src/main/resources/taiga/protected-service.yaml b/src/main/resources/taiga/protected-service.yaml index ab2fdc9..6f448ac 100644 --- a/src/main/resources/taiga/protected-service.yaml +++ b/src/main/resources/taiga/protected-service.yaml @@ -9,10 +9,9 @@ metadata: spec: type: ClusterIP selector: - app: taiga + app.kubernetes.io/component: taiga-protected ports: - name: http targetPort: http port: 8003 protocol: TCP - \ No newline at end of file From 73239fa9f09f06a5b61c86ee2e2c3b356b45955c Mon Sep 17 00:00:00 2001 From: erik Date: Wed, 30 Aug 2023 13:07:24 +0200 Subject: [PATCH 48/60] Disable celery by default --- src/main/resources/taiga/configmap.yaml | 3 +++ 1 file changed, 3 insertions(+) diff --git a/src/main/resources/taiga/configmap.yaml b/src/main/resources/taiga/configmap.yaml index 98c056d..4d506d8 100644 --- a/src/main/resources/taiga/configmap.yaml +++ b/src/main/resources/taiga/configmap.yaml @@ -7,6 +7,9 @@ data: # These environment variables will be used by taiga-back and taiga-async. # Database settings handled in deployment + # Taiga back settings + CELERY_ENABLED: "false" + # Telemetry settings ENABLE_TELEMETRY: REPLACEME From 543b64557ce5f8de05a9d03cdfaf8a7780abef78 Mon Sep 17 00:00:00 2001 From: erik Date: Wed, 30 Aug 2023 13:08:06 +0200 Subject: [PATCH 49/60] Add missing generate call --- src/main/cljc/dda/c4k_taiga/core.cljc | 1 + 1 file changed, 1 insertion(+) diff --git a/src/main/cljc/dda/c4k_taiga/core.cljc b/src/main/cljc/dda/c4k_taiga/core.cljc index fd55bfb..80aeb55 100644 --- a/src/main/cljc/dda/c4k_taiga/core.cljc +++ b/src/main/cljc/dda/c4k_taiga/core.cljc @@ -31,6 +31,7 @@ :pvc-storage-class-name default-storage-class}) (postgres/generate-deployment) (postgres/generate-service) + (taiga/generate-async-deployment) (taiga/generate-async-rabbitmq-deployment) (taiga/generate-async-rabbitmq-service) (taiga/generate-async-service) From 0ef6975aad260259ad741182cf1196304b37d499 Mon Sep 17 00:00:00 2001 From: erik Date: Wed, 30 Aug 2023 13:11:44 +0200 Subject: [PATCH 50/60] Reordering --- src/main/cljc/dda/c4k_taiga/taiga.cljc | 83 +++++++++++++------------- 1 file changed, 41 insertions(+), 42 deletions(-) diff --git a/src/main/cljc/dda/c4k_taiga/taiga.cljc b/src/main/cljc/dda/c4k_taiga/taiga.cljc index 4ec4c6a..1fffef3 100644 --- a/src/main/cljc/dda/c4k_taiga/taiga.cljc +++ b/src/main/cljc/dda/c4k_taiga/taiga.cljc @@ -111,18 +111,56 @@ :fqdns [fqdn]} config)))) -; TODO: Check which ones need configuration or authentication information +(defn-spec generate-async-deployment cp/map-or-seq? [] + (yaml/from-string (yaml/load-resource "taiga/async-deployment.yaml"))) + +(defn-spec generate-async-service cp/map-or-seq? [] + (yaml/from-string (yaml/load-resource "taiga/async-service.yaml"))) + +(defn-spec generate-async-rabbitmq-deployment cp/map-or-seq? [] + (yaml/from-string (yaml/load-resource "taiga/async-rabbitmq-deployment.yaml"))) + +(defn-spec generate-events-rabbitmq-service cp/map-or-seq? [] + (yaml/from-string (yaml/load-resource "taiga/events-rabbitmq-service.yaml"))) + +(defn-spec generate-async-rabbitmq-service cp/map-or-seq? [] + (yaml/from-string (yaml/load-resource "taiga/async-rabbitmq-service.yaml"))) + +(defn-spec generate-back-deployment cp/map-or-seq? [] + (yaml/from-string (yaml/load-resource "taiga/back-deployment.yaml"))) + +(defn-spec generate-back-service cp/map-or-seq? [] + (yaml/from-string (yaml/load-resource "taiga/back-service.yaml"))) + (defn-spec generate-events-rabbitmq-deployment cp/map-or-seq? [] (yaml/from-string (yaml/load-resource "taiga/events-rabbitmq-deployment.yaml"))) +(defn-spec generate-events-deployment cp/map-or-seq? [] + (yaml/from-string (yaml/load-resource "taiga/events-deployment.yaml"))) + +(defn-spec generate-events-service cp/map-or-seq? [] + (yaml/from-string (yaml/load-resource "taiga/events-service.yaml"))) + +(defn-spec generate-front-deployment cp/map-or-seq? [] + (yaml/from-string (yaml/load-resource "taiga/front-deployment.yaml"))) + +(defn-spec generate-front-service cp/map-or-seq? [] + (yaml/from-string (yaml/load-resource "taiga/front-service.yaml"))) + +(defn-spec generate-gateway-configmap cp/map-or-seq? [] + (yaml/from-string (yaml/load-resource "taiga/gateway-configmap.yaml"))) + (defn-spec generate-gateway-deployment cp/map-or-seq? [] (yaml/from-string (yaml/load-resource "taiga/gateway-deployment.yaml"))) +(defn-spec generate-gateway-service cp/map-or-seq? [] + (yaml/from-string (yaml/load-resource "taiga/gateway-service.yaml"))) + (defn-spec generate-protected-deployment cp/map-or-seq? [] (yaml/from-string (yaml/load-resource "taiga/protected-deployment.yaml"))) -(defn-spec generate-gateway-configmap cp/map-or-seq? [] - (yaml/from-string (yaml/load-resource "taiga/gateway-configmap.yaml"))) +(defn-spec generate-protected-service cp/map-or-seq? [] + (yaml/from-string (yaml/load-resource "taiga/protected-service.yaml"))) (defn-spec generate-configmap cp/map-or-seq? [config config?] @@ -134,27 +172,6 @@ (cm/replace-key-value :ENABLE_TELEMETRY enable-telemetry) (cm/replace-key-value :PUBLIC_REGISTER_ENABLED public-register-enabled)))) -(defn-spec generate-async-service cp/map-or-seq? [] - (yaml/from-string (yaml/load-resource "taiga/async-service.yaml"))) - -(defn-spec generate-events-deployment cp/map-or-seq? [] - (yaml/from-string (yaml/load-resource "taiga/events-deployment.yaml"))) - -(defn-spec generate-async-deployment cp/map-or-seq? [] - (yaml/from-string (yaml/load-resource "taiga/async-deployment.yaml"))) - -(defn-spec generate-back-deployment cp/map-or-seq? [] - (yaml/from-string (yaml/load-resource "taiga/back-deployment.yaml"))) - -(defn-spec generate-front-deployment cp/map-or-seq? [] - (yaml/from-string (yaml/load-resource "taiga/front-deployment.yaml"))) - -(defn-spec generate-front-service cp/map-or-seq? [] - (yaml/from-string (yaml/load-resource "taiga/front-service.yaml"))) - -(defn-spec generate-gateway-service cp/map-or-seq? [] - (yaml/from-string (yaml/load-resource "taiga/gateway-service.yaml"))) - (defn-spec generate-pvc-taiga-media-data cp/map-or-seq? [config config?] (let [{:keys [storage-class-name storage-media-size]} (merge config-defaults config)] @@ -171,12 +188,6 @@ (assoc-in [:spec :storageClassName] storage-class-name) (assoc-in [:spec :resources :requests :storage] (str storage-static-size "Gi"))))) -(defn-spec generate-async-rabbitmq-deployment cp/map-or-seq? [] - (yaml/from-string (yaml/load-resource "taiga/async-rabbitmq-deployment.yaml"))) - -(defn-spec generate-protected-service cp/map-or-seq? [] - (yaml/from-string (yaml/load-resource "taiga/protected-service.yaml"))) - (defn-spec generate-secret cp/map-or-seq? [auth auth?] (let [{:keys [taiga-secret-key @@ -195,18 +206,6 @@ (cm/replace-key-value :DJANGO_SUPERUSER_PASSWORD (b64/encode django-superuser-password)) (cm/replace-key-value :DJANGO_SUPERUSER_EMAIL (b64/encode django-superuser-email))))) -(defn-spec generate-async-rabbitmq-service cp/map-or-seq? [] - (yaml/from-string (yaml/load-resource "taiga/async-rabbitmq-service.yaml"))) - -(defn-spec generate-events-service cp/map-or-seq? [] - (yaml/from-string (yaml/load-resource "taiga/events-service.yaml"))) - -(defn-spec generate-back-service cp/map-or-seq? [] - (yaml/from-string (yaml/load-resource "taiga/back-service.yaml"))) - -(defn-spec generate-events-rabbitmq-service cp/map-or-seq? [] - (yaml/from-string (yaml/load-resource "taiga/events-rabbitmq-service.yaml"))) - (defn-spec generate-rabbitmq-pvc-async cp/map-or-seq? [config config?] (let [{:keys [storage-class-name storage-async-rabbitmq-size]} (merge config-defaults config)] From 91ec7ba84997e4e6cc0b3c830030fcd304e50c3a Mon Sep 17 00:00:00 2001 From: erik Date: Wed, 30 Aug 2023 13:29:41 +0200 Subject: [PATCH 51/60] Fix test --- src/test/cljc/dda/c4k_taiga/taiga_test.cljc | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/src/test/cljc/dda/c4k_taiga/taiga_test.cljc b/src/test/cljc/dda/c4k_taiga/taiga_test.cljc index 9162f18..c50288d 100644 --- a/src/test/cljc/dda/c4k_taiga/taiga_test.cljc +++ b/src/test/cljc/dda/c4k_taiga/taiga_test.cljc @@ -19,7 +19,8 @@ :kind "ConfigMap", :metadata {:name "taiga-configmap", :namespace "default"}, :data - {:ENABLE_TELEMETRY "false", + {:CELERY_ENABLED "false", + :ENABLE_TELEMETRY "false", :TAIGA_SITES_SCHEME "https", :TAIGA_SITES_DOMAIN "taiga.test.meissa.de", :TAIGA_SUBPATH "", From 3fd63cd3aa16bdc6211c0eb21b8e21795da3d0da Mon Sep 17 00:00:00 2001 From: erik Date: Thu, 31 Aug 2023 13:40:09 +0200 Subject: [PATCH 52/60] Don't set CELERY_ENABLED here --- src/main/resources/taiga/configmap.yaml | 3 --- 1 file changed, 3 deletions(-) diff --git a/src/main/resources/taiga/configmap.yaml b/src/main/resources/taiga/configmap.yaml index 4d506d8..98c056d 100644 --- a/src/main/resources/taiga/configmap.yaml +++ b/src/main/resources/taiga/configmap.yaml @@ -7,9 +7,6 @@ data: # These environment variables will be used by taiga-back and taiga-async. # Database settings handled in deployment - # Taiga back settings - CELERY_ENABLED: "false" - # Telemetry settings ENABLE_TELEMETRY: REPLACEME From 850e2522b906ac5b1f36eb6cd7cd1e59c32d12eb Mon Sep 17 00:00:00 2001 From: erik Date: Thu, 31 Aug 2023 13:40:30 +0200 Subject: [PATCH 53/60] Use init container to create admin user --- src/main/resources/taiga/back-deployment.yaml | 47 +++++++++++++++++-- 1 file changed, 44 insertions(+), 3 deletions(-) diff --git a/src/main/resources/taiga/back-deployment.yaml b/src/main/resources/taiga/back-deployment.yaml index c18cd5c..8f2bbac 100644 --- a/src/main/resources/taiga/back-deployment.yaml +++ b/src/main/resources/taiga/back-deployment.yaml @@ -15,10 +15,51 @@ spec: labels: app.kubernetes.io/component: taiga-back spec: + initContainers: + - name: taiga-manage + image: taigaio/taiga-back:latest + imagePullPolicy: IfNotPresent + command: ["/bin/bash"] + args: ["-c", "source /opt/venv/bin/activate && python manage.py createsuperuser"] + ports: + - name: http + containerPort: 8000 + volumeMounts: + - name: taiga-static + mountPath: /taiga-back/static + readOnly: false + - name: taiga-media + mountPath: /taiga-back/media + readOnly: false + envFrom: + - configMapRef: + name: taiga-configmap + - secretRef: + name: taiga-secret + env: + - name: CELERY_ENABLED + value: "false" + - name: POSTGRES_USER + valueFrom: + secretKeyRef: + name: postgres-secret + key: postgres-user + - name: POSTGRES_PASSWORD + valueFrom: + secretKeyRef: + name: postgres-secret + key: postgres-password + - name: POSTGRES_DB + valueFrom: + configMapKeyRef: + name: postgres-config + key: postgres-db + - name: POSTGRES_HOST + value: "postgresql-service" + - name: POSTGRES_PORT + value: "5432" containers: - name: taiga-back - command: - - /taiga-back/docker/entrypoint.sh image: taigaio/taiga-back:latest imagePullPolicy: IfNotPresent ports: @@ -57,7 +98,7 @@ spec: - name: POSTGRES_PORT value: "5432" - volumes: # ToDo: Remove Volumes where not necessary + volumes: - name: taiga-static persistentVolumeClaim: claimName: taiga-static-data From d4cf54eb33038642e86d074d10bee728e96c3f0f Mon Sep 17 00:00:00 2001 From: erik Date: Thu, 31 Aug 2023 13:45:07 +0200 Subject: [PATCH 54/60] Describe state of knowledge about admin user --- README.md | 49 +++++++++++++++++++++++++++++++------------------ 1 file changed, 31 insertions(+), 18 deletions(-) diff --git a/README.md b/README.md index 520b92c..8cd7035 100644 --- a/README.md +++ b/README.md @@ -13,6 +13,37 @@ Note: taiga-manage,-back und -async verwenden die gleichen docker images mit unt https://github.com/kaleidos-ventures/taiga-docker https://community.taiga.io/t/taiga-30min-setup/170 +### Steps to start and get an admin user + +Philosophy: First create the superuser, then populate the DB. +https://docs.taiga.io/setup-production.html#taiga-back +https://docs.taiga.io/setup-production.html#_configure_an_admin_user +https://github.com/kaleidos-ventures/taiga-back/blob/main/docker/entrypoint.sh + +In the init container we create the super user. Difference between init-container and container: CELERY_ENABLED: false +The init container gets the following command and args: + +```yaml +command: ["/bin/bash"] +args: ["-c", "source /opt/venv/bin/activate && python manage.py createsuperuser"] +``` + +Thus the dockerfile default entrypoint is ignored. + +Problem: Login using this method is still not available with the proposed credentials. + +#### Option 1: Init container, currently under test + +Create an init container (celery disabled) with the python manage.py command and the taiga-manage createsuperuser args + +#### Option 2: Single container + +Create a single container that has celery disabled at the beginning. +Runs the following cmds: +* python manage.py taiga-manage createsuperuser +* enable celery +* execute entrypoint.sh + ### HTTPS Terminiert am ingress. Wie interagiert das mit taiga? @@ -51,24 +82,6 @@ taiga-async -> taiga-async-rabbitmq taiga-events -> taiga-events-rabbitmq This is not quite clear, but probably solved with the implementation of services. -### Init container - -Es gibt einen Init-Container mit namen *taiga-manage* im deployment. -Dieser erstellt einen Admin User mit credentials aus dem taiga-back-secret. - -#### Einen admin-user anlegen - -https://github.com/kaleidos-ventures/taiga-docker#configure-an-admin-user - -folglich: - -https://docs.djangoproject.com/en/4.2/ref/django-admin/#django-admin-createsuperuser - -Also DJANGO_SUPERUSER_TAIGAADMIN und DJANGO_SUPERUSER_PASSWORD -sollten für den Container gesetzt sein. - -Dann noch ein run befehl mit: python manage.py createsuperuser im init container unterbringen. - ### Deployments Separate deployments exist for each of the taiga modules: From 479ed41f98c2c36e71aeb4cbc8214122def463bb Mon Sep 17 00:00:00 2001 From: erik Date: Fri, 1 Sep 2023 09:37:32 +0200 Subject: [PATCH 55/60] Add missing --noinput --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index 8cd7035..b866ea5 100644 --- a/README.md +++ b/README.md @@ -25,7 +25,7 @@ The init container gets the following command and args: ```yaml command: ["/bin/bash"] -args: ["-c", "source /opt/venv/bin/activate && python manage.py createsuperuser"] +args: ["-c", "source /opt/venv/bin/activate && python manage.py createsuperuser --noinput"] ``` Thus the dockerfile default entrypoint is ignored. From e4fd8833403f87add760c3ce0f4ceb67fc31d57b Mon Sep 17 00:00:00 2001 From: erik Date: Fri, 1 Sep 2023 09:39:27 +0200 Subject: [PATCH 56/60] Add missing --noinput --- src/main/resources/taiga/back-deployment.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/main/resources/taiga/back-deployment.yaml b/src/main/resources/taiga/back-deployment.yaml index 8f2bbac..31408cc 100644 --- a/src/main/resources/taiga/back-deployment.yaml +++ b/src/main/resources/taiga/back-deployment.yaml @@ -20,7 +20,7 @@ spec: image: taigaio/taiga-back:latest imagePullPolicy: IfNotPresent command: ["/bin/bash"] - args: ["-c", "source /opt/venv/bin/activate && python manage.py createsuperuser"] + args: ["-c", "source /opt/venv/bin/activate && python manage.py createsuperuser --noinput"] ports: - name: http containerPort: 8000 From c1b98a8fe923acf8da9f4471de7de8d472ca3854 Mon Sep 17 00:00:00 2001 From: erik Date: Fri, 1 Sep 2023 09:39:56 +0200 Subject: [PATCH 57/60] Case --- src/main/resources/taiga/configmap.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/main/resources/taiga/configmap.yaml b/src/main/resources/taiga/configmap.yaml index 98c056d..d271b8e 100644 --- a/src/main/resources/taiga/configmap.yaml +++ b/src/main/resources/taiga/configmap.yaml @@ -26,5 +26,5 @@ data: # Rabbitmq settings RABBITMQ_DEFAULT_VHOST: taiga - SESSION_COOKIE_SECURE: "false" - CSRF_COOKIE_SECURE: "false" + SESSION_COOKIE_SECURE: "False" + CSRF_COOKIE_SECURE: "False" From 9046f4a5a01c46af4371722cfd96e0ae8bd12b28 Mon Sep 17 00:00:00 2001 From: erik Date: Fri, 1 Sep 2023 12:31:19 +0200 Subject: [PATCH 58/60] Use taiga-gateway as ingress termination point Otherwise users will not be able to log in. --- src/main/cljc/dda/c4k_taiga/taiga.cljc | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/main/cljc/dda/c4k_taiga/taiga.cljc b/src/main/cljc/dda/c4k_taiga/taiga.cljc index 1fffef3..044711e 100644 --- a/src/main/cljc/dda/c4k_taiga/taiga.cljc +++ b/src/main/cljc/dda/c4k_taiga/taiga.cljc @@ -106,7 +106,7 @@ (let [{:keys [fqdn]} config] (ing/generate-ingress-and-cert (merge - {:service-name "taiga-front" + {:service-name "taiga-gateway" :service-port 80 :fqdns [fqdn]} config)))) From 6f896e72f4eb000aa1868a53648ae164aeef7d8c Mon Sep 17 00:00:00 2001 From: erik Date: Fri, 1 Sep 2023 12:32:04 +0200 Subject: [PATCH 59/60] Add migration before superuser creation --- src/main/resources/taiga/back-deployment.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/main/resources/taiga/back-deployment.yaml b/src/main/resources/taiga/back-deployment.yaml index 31408cc..f389e23 100644 --- a/src/main/resources/taiga/back-deployment.yaml +++ b/src/main/resources/taiga/back-deployment.yaml @@ -20,7 +20,7 @@ spec: image: taigaio/taiga-back:latest imagePullPolicy: IfNotPresent command: ["/bin/bash"] - args: ["-c", "source /opt/venv/bin/activate && python manage.py createsuperuser --noinput"] + args: ["-c", "source /opt/venv/bin/activate && CELERY_ENABLE=true python manage.py migrate && sleep 15 && python manage.py createsuperuser --noinput"] ports: - name: http containerPort: 8000 From 20c046d48c511c22c12b572fd8b00dded23e666d Mon Sep 17 00:00:00 2001 From: erik Date: Fri, 1 Sep 2023 12:32:55 +0200 Subject: [PATCH 60/60] Use ws:// instead of wss:// --- src/main/resources/taiga/configmap.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/main/resources/taiga/configmap.yaml b/src/main/resources/taiga/configmap.yaml index d271b8e..425ac94 100644 --- a/src/main/resources/taiga/configmap.yaml +++ b/src/main/resources/taiga/configmap.yaml @@ -17,7 +17,7 @@ data: # Taiga Front Settings TAIGA_URL: https://FQDN - TAIGA_WEBSOCKETS_URL: wss://FQDN + TAIGA_WEBSOCKETS_URL: ws://FQDN PUBLIC_REGISTER_ENABLED: REPLACEME ENABLE_GITHUB_IMPORTER: "false" ENABLE_JIRA_IMPORTER: "false"